BrightStor ARCserve Backup agent for MS-SQL buffer overflow

Added: 12/20/2005 CVE: CVE-2005-1272 BID: 14453 OSVDB: 18501 Background BrightStor ARCserve Backup is a backup and recovery solution for multiple platforms. Problem A buffer overflow in the backup agent for Microsoft SQL Server allows remote attackers to execute arbitrary commands. Resolution App...

Replace the small bamboo of the NBSI2: the Opendatasource And Openrowset-vulnerability warning-the black bar safety net

Currently on the market of SQL Injection tools a lot, the most respected is the NBSI2. SQL Injection method on the Internet is everywhere, everyone serious to learn it will soon become the script of the invasion“master”it. But whether it is tools, or numerous methods, to guess the SQL data when t...

Lyris ListManager - Read Message Attachment SQL Injection (Metasploit)

This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artistic. The latest version of the...

Ideal BB.NET 1.3 XSS vuln

Ideal BB.NET 1.3 XSS vuln Vuln. dicovered by : r0t Date: 6 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/ideal-bbnet-13-xss-vuln.html vendor:www.idealscience.com/site/products/idealbb.net.aspx affected version: 1.3 and prior Product Description: It is a powerful bulletin board...

MS02-039 Microsoft SQL Server Resolution Overflow

This is an exploit for the SQL Server 2000 resolution service buffer overflow. This overflow is triggered by sending a udp packet to port 1434 which starts with 0x04 and is followed by long string terminating with a colon and a number. This module should work against any vulnerable SQL Server 200...

Microsoft SQL (MSSQL) Server Brute Force Logins With Default Credentials (TCP/IP Listener)

The remote Microsoft SQL MSSQL Server has a common / publicly known password for one or more accounts. SPDX-FileCopyrightText: 2005 HD Moore SPDX-FileCopyrightText: New / improved code since 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C...

Microsoft SQL Server (MSSQL) Info Query (UDP)

UPD based information query from a Microsoft SQL Server MSSQL. SPDX-FileCopyrightText: 2005 HD Moore Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft SQL Server SQL Abuse Vulnerability (Q256052)

The remote SQL server seems to be vulnerable to the SQL abuse vulnerability described in technet article Q256052. SPDX-FileCopyrightText: 2001 Intranode Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifie...

Microsoft SQL (MSSQL) Server Detection (TCP/IP Listener)

Microsoft SQL MSSQL Server detection based on an exposed TCP/IP listener. SPDX-FileCopyrightText: 2005 Nicolas Gregoire Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SMB Registry : SQL7 Patches

The remote SQL server seems to be vulnerable to the SQL abuse vulnerability described in technet article Q256052. This problem allows an attacker who has to ability to execute SQL queries on this host to gain elevated privileges. OpenVAS Vulnerability Test $Id: smbmssql7.nasl 6056 2017-05-02...

Microsoft

The remote MS SQL server is vulnerable to the Hello overflow. An attacker may use this flaw to execute commands against the remote host as LOCAL/SYSTEM, as well as read your database content. This alert might be a false positive. OpenVAS Vulnerability Test $Id: mssqlhellooverflow.nasl 8023...

XML Core Services patch (Q318203)

XMLHTTP Control Can Allow Access to Local Files. SPDX-FileCopyrightText: 2002 Michael Scheidell Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft SQL (MSSQL) Server Blank Password (TCP/IP Listener)

The remote Microsoft SQL MSSQL Server has the default SPDX-FileCopyrightText: 2001 HD Moore Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:microsoft:sqlserver";...

CVE-2004-2323

DotNetNuke formerly IBuySpy Workshop 1.0.6 through 1.0.10d allows remote attackers to obtain sensitive information, including the SQL server username and password, via a GET request for source or configuration files such as Web.config...

CVE-2004-2323

DotNetNuke (formerly IBuySpy Workshop) 1.0.6–1.0.10d is affected. A remote attacker can obtain sensitive information, including the SQL server username and password, by performing a GET request for source or configuration files such as Web.config. This vulnerability exposes credentials and arises...

CA BrightStor MS-SQL Server ARCserve Backup Agent Buffer Overflow (CAN-2005-1272)

...

CVE-2005-1272

Stack-based buffer overflow in the Backup Agent for Microsoft SQL Server in BrightStor ARCserve Backup Agent for SQL Server 11.0 allows remote attackers to execute arbitrary code via a long string sent to port 1 6070 or 2 6050...

CVE-2005-1272

CVE-2005-1272 is a stack-based buffer overflow in BrightStor ARCserve Backup Agent for Microsoft SQL Server (11.0). The vulnerability allows remote code execution by sending a long string to ports 6070 or 6050; root cause is a boundary/stack overflow in the agent. Remediation guidance present in ...

CVE-2005-1272

Stack-based buffer overflow in the Backup Agent for Microsoft SQL Server in BrightStor ARCserve Backup Agent for SQL Server 11.0 allows remote attackers to execute arbitrary code via a long string sent to port 1 6070 or 2 6050...

[Full-disclosure] iDEFENSE Security Advisory 08.02.05: CA BrightStor ARCserve Backup Agent for MS SQL Server Buffer Overflow

CA BrightStor ARCserve Backup Agent for MS SQL Server Buffer Overflow iDEFENSE Security Advisory 08.02.05 www.idefense.com/application/poi/display?id=287&type=vulnerabilities August 2, 2005 I. BACKGROUND BrightStor ARCserve Backup for Windows delivers backup and restore protection for all Windows...