4530 matches found
Microsoft SQL Server Database Detection
Binary data 3393.prm...
MS02-056 Microsoft SQL Server Hello Overflow
By sending malformed data to TCP port 1433, an unauthenticated remote attacker could overflow a buffer and possibly execute code on the server with SYSTEM level privileges. This module should work against any vulnerable SQL Server 2000 or MSDE install 'MS02-056 Microsoft SQL Server Hello Overflow...
Lyris ListManager MSDE Weak sa Password
The remote host appears to be running ListManager, a web-based commercial mailing list management application from Lyris. The version of ListManager on the remote host was installed using Microsoft SQL Server Desktop Engine MSDE for its database backend along with a weak password for the 'sa'...
BrightStor ARCserve Backup agent for MS-SQL buffer overflow
Added: 12/20/2005 CVE: CVE-2005-1272 BID: 14453 OSVDB: 18501 Background BrightStor ARCserve Backup is a backup and recovery solution for multiple platforms. Problem A buffer overflow in the backup agent for Microsoft SQL Server allows remote attackers to execute arbitrary commands. Resolution App...
Replace the small bamboo of the NBSI2: the Opendatasource And Openrowset-vulnerability warning-the black bar safety net
Currently on the market of SQL Injection tools a lot, the most respected is the NBSI2. SQL Injection method on the Internet is everywhere, everyone serious to learn it will soon become the script of the invasion“master”it. But whether it is tools, or numerous methods, to guess the SQL data when t...
Lyris ListManager - Read Message Attachment SQL Injection (Metasploit)
This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artistic. The latest version of the...
Ideal BB.NET 1.3 XSS vuln
Ideal BB.NET 1.3 XSS vuln Vuln. dicovered by : r0t Date: 6 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/ideal-bbnet-13-xss-vuln.html vendor:www.idealscience.com/site/products/idealbb.net.aspx affected version: 1.3 and prior Product Description: It is a powerful bulletin board...
MS02-039 Microsoft SQL Server Resolution Overflow
This is an exploit for the SQL Server 2000 resolution service buffer overflow. This overflow is triggered by sending a udp packet to port 1434 which starts with 0x04 and is followed by long string terminating with a colon and a number. This module should work against any vulnerable SQL Server 200...
Microsoft
The remote MS SQL server is vulnerable to the Hello overflow. An attacker may use this flaw to execute commands against the remote host as LOCAL/SYSTEM, as well as read your database content. This alert might be a false positive. OpenVAS Vulnerability Test $Id: mssqlhellooverflow.nasl 8023...
Microsoft SQL (MSSQL) Server Brute Force Logins With Default Credentials (TCP/IP Listener)
The remote Microsoft SQL MSSQL Server has a common / publicly known password for one or more accounts. SPDX-FileCopyrightText: 2005 HD Moore SPDX-FileCopyrightText: New / improved code since 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C...
Microsoft SQL Server (MSSQL) Info Query (UDP)
UPD based information query from a Microsoft SQL Server MSSQL. SPDX-FileCopyrightText: 2005 HD Moore Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft SQL (MSSQL) Server Detection (TCP/IP Listener)
Microsoft SQL MSSQL Server detection based on an exposed TCP/IP listener. SPDX-FileCopyrightText: 2005 Nicolas Gregoire Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SMB Registry : SQL7 Patches
The remote SQL server seems to be vulnerable to the SQL abuse vulnerability described in technet article Q256052. This problem allows an attacker who has to ability to execute SQL queries on this host to gain elevated privileges. OpenVAS Vulnerability Test $Id: smbmssql7.nasl 6056 2017-05-02...
Microsoft SQL Server SQL Abuse Vulnerability (Q256052)
The remote SQL server seems to be vulnerable to the SQL abuse vulnerability described in technet article Q256052. SPDX-FileCopyrightText: 2001 Intranode Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifie...
Microsoft SQL (MSSQL) Server Blank Password (TCP/IP Listener)
The remote Microsoft SQL MSSQL Server has the default SPDX-FileCopyrightText: 2001 HD Moore Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:microsoft:sqlserver";...
XML Core Services patch (Q318203)
XMLHTTP Control Can Allow Access to Local Files. SPDX-FileCopyrightText: 2002 Michael Scheidell Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2004-2323
DotNetNuke formerly IBuySpy Workshop 1.0.6 through 1.0.10d allows remote attackers to obtain sensitive information, including the SQL server username and password, via a GET request for source or configuration files such as Web.config...
CVE-2004-2323
DotNetNuke (formerly IBuySpy Workshop) 1.0.6–1.0.10d is affected. A remote attacker can obtain sensitive information, including the SQL server username and password, by performing a GET request for source or configuration files such as Web.config. This vulnerability exposes credentials and arises...
CA BrightStor MS-SQL Server ARCserve Backup Agent Buffer Overflow (CAN-2005-1272)
...
CVE-2005-1272
Stack-based buffer overflow in the Backup Agent for Microsoft SQL Server in BrightStor ARCserve Backup Agent for SQL Server 11.0 allows remote attackers to execute arbitrary code via a long string sent to port 1 6070 or 2 6050...