4418 matches found
CVE-2009-2357
The default configuration of TekRADIUS 3.0 uses the sa account to communicate with Microsoft SQL Server, which makes it easier for remote attackers to obtain privileged access to the database and the underlying Windows operating system...
CVE-2009-2357
The default configuration of TekRADIUS 3.0 uses the sa account to communicate with Microsoft SQL Server, which makes it easier for remote attackers to obtain privileged access to the database and the underlying Windows operating system...
CVE-2009-2357
TekRADIUS 3.0 is affected: its default configuration communicates with Microsoft SQL Server using the sa account, enabling remote attackers to obtain privileged database and Windows OS access. The Seebug entry also notes that TekRADIUS stores DB credentials in C:\Program Files\TekRADIUS\TekRADIUS...
Use SQLRootKit web database the back door control case-vulnerability warning-the black bar safety net
Through this case study you can learn to: ① Understand the web database the back door SQLRootKit and other aspects of knowledge; ② Use SQLRootKit 1.0 and SQLRootKit 3.0 database Backdoor to control the computer. SQLRootKit is a method used to execute the database command in the web script, the...
Microsoft SQL Server spreplwritetovarbin Buffer Overflow
Added: 04/29/2009 CVE: CVE-2008-5416 BID: 32710 OSVDB: 50917 Background Microsoft SQL Server is a database server package for Windows platforms. Problem A buffer overflow vulnerability in the spreplwritetovarbin stored procedure allows remote, authenticated attackers to execute arbitrary commands...
Microsoft SQL Server spreplwritetovarbin Buffer Overflow
Added: 04/29/2009 CVE: CVE-2008-5416 BID: 32710 OSVDB: 50917 Background Microsoft SQL Server is a database server package for Windows platforms. Problem A buffer overflow vulnerability in the spreplwritetovarbin stored procedure allows remote, authenticated attackers to execute arbitrary commands...
Microsoft SQL Server spreplwritetovarbin Buffer Overflow
Added: 04/29/2009 CVE: CVE-2008-5416 BID: 32710 OSVDB: 50917 Background Microsoft SQL Server is a database server package for Windows platforms. Problem A buffer overflow vulnerability in the spreplwritetovarbin stored procedure allows remote, authenticated attackers to execute arbitrary commands...
Microsoft SQL Server spreplwritetovarbin Buffer Overflow
Added: 04/29/2009 CVE: CVE-2008-5416 BID: 32710 OSVDB: 50917 Background Microsoft SQL Server is a database server package for Windows platforms. Problem A buffer overflow vulnerability in the spreplwritetovarbin stored procedure allows remote, authenticated attackers to execute arbitrary commands...
SQL injection
Added: 04/10/2009 Background Structured Query Language SQL is the most common language understood by modern relational databases. Problem A web program uses input parameters within an SQL query in an unsafe manner. This could allow a remote attacker to inject arbitrary SQL commands via a speciall...
PHPRunner 4.2 (SearchOption) Blind SQL Injection Vulnerability
No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: PHPRunner SQL Injection Vendor: http://www.xlinesoft.com Vulnerable Version: 4.2 prior versions also may be affected Exploitation: Remote with browser Original Advisory: http://www.bugreport.ir/index63.htm...
PHPRunner 4.2 (SearchOption) Blind SQL Injection Vulnerability
Exploit for unknown platform in category web applications ============================================================== PHPRunner 4.2 SearchOption Blind SQL Injection Vulnerability ==============================================================...
PHPRunner 4.2 - 'SearchOption' Blind SQL Injection
www.BugReport.ir AmnPardaz Security Research Team Title: PHPRunner SQL Injection Vendor: http://www.xlinesoft.com Vulnerable Version: 4.2 prior versions also may be affected Exploitation: Remote with browser Original Advisory: http://www.bugreport.ir/index63.htm Fix: N/A - Description: PHPRunner...
PHPRunner 4.2 - SearchOption Blind SQL Injection
PHPRunner 4.2 - SearchOption Blind SQL Injection www.BugReport.ir AmnPardaz Security Research Team Title: PHPRunner SQL Injection Vendor: http://www.xlinesoft.com Vulnerable Version: 4.2 prior versions also may be affected Exploitation: Remote with browser Original Advisory:...
Fedora Update for gallery2 FEDORA-2007-2020
Check for the Version of gallery2 OpenVAS Vulnerability Test Fedora Update for gallery2 FEDORA-2007-2020 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for gallery2 FEDORA-2007-4778
Check for the Version of gallery2 OpenVAS Vulnerability Test Fedora Update for gallery2 FEDORA-2007-4778 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for gallery2 FEDORA-2007-4777
Check for the Version of gallery2 OpenVAS Vulnerability Test Fedora Update for gallery2 FEDORA-2007-4777 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for rubygem-rails FEDORA-2008-8282
Check for the Version of rubygem-rails OpenVAS Vulnerability Test Fedora Update for rubygem-rails FEDORA-2008-8282 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Fedora Update for gallery2 FEDORA-2008-2650
Check for the Version of gallery2 OpenVAS Vulnerability Test Fedora Update for gallery2 FEDORA-2008-2650 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Microsoft SQL Server RCE (959420)
Binary data 4927.prm...
MS09-004: Vulnerability in Microsoft SQL Server Could Allow Remote Code Execution (959420) (uncredentialed check)
The remote Windows host is running a version of Microsoft SQL Server, Desktop Engine, or Internal Database that is affected by a remote code execution vulnerability in the spreplwritetovarbin stored procedure due to a failure to check invalid parameters. An authenticated, remote attacker can...