SQL Server Cleartext 'sa' Account 'password' Password Authentication (deprecated)

Binary data 1123.prm...

SQL Server Cleartext 'sql' Account 'sql' Password Attempted Login (deprecated)

Binary data 1118.prm...

SQL Server Cleartext 'sa' Account 'administrator' Password Authentication (deprecated)

Binary data 1124.prm...

SQL Server Cleartext 'probe' Account 'probe' Password Authentication (deprecated)

Binary data 1128.prm...

SQL Server Cleartext 'admin' Account 'password' Password Attempted Login (deprecated)

Binary data 1114.prm...

SQL Server Cleartext 'sa' Account 'sa' Password Attempted Login (deprecated)

Binary data 1109.prm...

SQL Server Cleartext 'admin' Account 'password' Password Authentication (deprecated)

Binary data 1132.prm...

SQL Server Cleartext 'sa' Account 'NULL' Password Authentication (deprecated)

Binary data 1121.prm...

SQL Server Cleartext 'sa' Account 'password' Password Attempted Login (deprecated)

Binary data 1110.prm...

SQL Server Cleartext 'probe' Account 'probe' Password Attempted Login (deprecated)

Binary data 1116.prm...

SQL Server Cleartext 'sa' Account 'sql' Password Attempted Login (deprecated)

Binary data 1119.prm...

SQL Server Detection

Binary data 2131.prm...

CVE-2004-0702

Bugzilla 2.17.1–2.17.7 is affected by CVE-2004-0702: the DBI layer displays the database password in an error message when the SQL server is not running, enabling potential information disclosure to remote attackers. The issue concerns the Bugzilla CGI/database interaction rather than input valid...

Microsoft SQL Server < 7 Local Privilege Escalation

Based on its version number, the remote host may be vulnerable to a local exploit wherein an authenticated user can obtain and crack SQL usernames and passwords from the registry. An attacker may use this flaw to elevate their privileges on the local database. This alert might be a false positive...

CVE-2003-0230

Microsoft SQL Server 7, 2000, and MSDE allows local users to gain privileges by hijacking a named pipe during the authentication of another user, aka the "Named Pipe Hijacking" vulnerability...

CVE-2003-0231

Microsoft SQL Server 7, 2000, and MSDE allows local or remote authenticated users to cause a denial of service crash or hang via a long request to a named pipe...

CVE-2003-0232

Microsoft SQL Server 7, 2000, and MSDE allows local users to execute arbitrary code via a certain request to the Local Procedure Calls LPC port that leads to a buffer overflow...

AppSecInc Security Alert: Buffer Overflow in UDP broadcasts for Microsoft SQL Server client utilities

Buffer Overflow in UDP broadcasts for Microsoft SQL Server client utilities Risk level: High Summary: A Unicode buffer overflow exists in MDAC which is used by the SQL Server SQL-DMO library that could allow a remote user to execute malicious code on the target computer. The vulnerability does no...

Microsoft Data Access Components ODBC Buffer Overflow Vulnerability

Description A buffer overflow vulnerability exists in Microsoft Data Access Components that may allow an attacker to run arbitrary code on a client machine. This vulnerability is exposed when a client or a SQL Server implementing the SQL-DMO library, sends a broadcast request for Microsoft SQL...

CVE-2003-0496

Microsoft SQL Server before Windows 2000 SP4 allows local users to gain privileges as the SQL Server user by calling the xpfileexist extended stored procedure with a named pipe as an argument instead of a normal file...