4530 matches found
Microsoft SQL Server Hello buffer overflow
Added: 08/07/2006 CVE: CVE-2002-1123 BID: 5411 OSVDB: 10132 Background Microsoft SQL Server is a database server package for Windows platforms. Problem Microsoft SQL Server 2000 is affected by a buffer overflow vulnerability in the code which handles user authentication. This allows a remote...
Shield SQLFindCandy database scanning-vulnerability warning-the black bar safety net
One, SQLFindCandy scan SQLFindCandy write it the people called the village of rain he said it was Cool, Oh the others are also good) Software Description The following functions: 1. Find all the SQL Server 2000 servers on a network! 2. For networks that have modified the SQL Server port (non-1433) The...
MySQL: SQL Injection
Background MySQL is a popular multi-threaded, multi-user SQL server. Description MySQL is vulnerable to an injection flaw in mysql_real_escape when used with multi-byte characters. Impact Due to a flaw in the multi-byte character process, an attacker is still able to inject arbitrary SQL statements...
Design/Logic Flaw
JIWA Financials 6.4.14 stores usernames and passwords for all accounts in cleartext in the HR_Staff table in Microsoft SQL Server, and sends the usernames and passwords in cleartext to the application's SQL Server ODBC driver, which might allow context-dependent attackers to obtain the passwords...
CVE-2006-2718
JIWA Financials 6.4.14 passes a Microsoft SQL Server account's username and password, and the name of a data source, to a Crystal Reports .rpt file, which allows remote authenticated users to execute certain standard stored procedures by referencing them in a user-written .rpt file, as demonstrat...
Default credentials
JIWA Financials 6.4.14 passes a Microsoft SQL Server account's username and password, and the name of a data source, to a Crystal Reports .rpt file, which allows remote authenticated users to execute certain standard stored procedures by referencing them in a user-written .rpt file, as demonstrat...
CVE-2006-2719
JIWA Financials 6.4.14 stores usernames and passwords for all accounts in cleartext in the HR_Staff table in Microsoft SQL Server, and sends the usernames and passwords in cleartext to the application's SQL Server ODBC driver, which might allow context-dependent attackers to obtain the passwords...
CVE-2006-2718
CVE-2006-2718 describes a vulnerability in JIWA Financials 6.4.14 where a Microsoft SQL Server account username, password, and the data source name are passed to a Crystal Reports .rpt file. This enables remote authenticated users to invoke certain stored procedures by referencing them in a user-...
CVE-2006-2719
JIWA Financials 6.4.14 stores usernames and passwords for all accounts in cleartext in the HR_Staff table of Microsoft SQL Server and transmits them in cleartext to the application's SQL Server ODBC driver, enabling potential credential exposure to context-dependent attackers. The available docum...
Hacked SQL Server system ten ways-vulnerability warning-the black bar safety net
Whether by manual probing or with security testing tools, malicious attackers always use a variety of tricks to compromise your SQL Server system from inside and outside your firewall. Since hackers do this, you also need to carry out the same attacks to test your system'...
SQL Server password the password table-a vulnerability warning-the black bar safety net
Most data transmitted on SQL Server port 1433 is plaintext, including the IP address, connected user name, and success and failure messages. As a result, it is easy to use a sniffer on the network segment to capture SQL Server related information, get the username and IP, it is the differenc...
SQL Server users and permissions-bug warning-the black bar safety net
Note: I would like to dedicate this article to my father and mother, and thank them for raising me over the years. Original statement: China dark domain network technology information Station the original article, The author ice blood sealing case (EvilOctal), reproduced please renowned...
SQL Server SA rights summary of the classic techniques-vulnerability warning-the black bar safety net
Tools required: SQL Query Analyzer and SqlExec Sunx Version. Part one: an analysis summary of removing xp_cmdshell to protect the system. First, know the following statements: 1. The method for removing the xp_cmdshell extended procedure is to use the following statement:...
Microsoft SQL Server 2000 resolution service buffer overflow
Added: 02/05/2006 CVE: CVE-2002-0649 BID: 5310 OSVDB: 4577 Background Microsoft SQL Server is a database server package for Windows platforms. SQL Server 2000 introduced the SQL Server Resolution Service, which runs on port 1434/UDP and identifies the port on which each SQL Server instance runs...