MS12-040: Vulnerability in Microsoft Dynamics AX Enterprise Portal Could Allow Elevation of Privilege (MSSQL check)

Binary data ms12-040mssql.nbin...

CVE-2012-0733

IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1, when Integrated Windows authentication is used, allows remote authenticated users to obtain administrative privileges by hijacking a session associated with the service account...

CVE-2011-2143

IBM Datacap Taskmaster Capture 8.0.1 before FP1, when Windows Authentication is enabled, allows remote attackers to obtain login access by using an incorrect password in conjunction with an account name from a different domain...

Authentication flaw

IBM Datacap Taskmaster Capture 8.0.1 before FP1, when Windows Authentication is enabled, allows remote attackers to obtain login access by using an incorrect password in conjunction with an account name from a different domain...

CVE-2011-2143

IBM Datacap Taskmaster Capture 8.0.1 before FP1, when Windows Authentication is enabled, allows remote attackers to obtain login access by using an incorrect password in conjunction with an account name from a different domain...

ms-sql-xp-cmdshell NSE Script

Attempts to run a command using the command shell of Microsoft SQL Server ms-sql. SQL Server credentials required: Yes use ms-sql-brute, ms-sql-empty-password and/or mssql.username & mssql.password Run criteria: Host script: Will run if the mssql.instance-all, mssql.instance-name or...

Speed up,Butler BA SQL Server account Set Password of the PJ method-vulnerability warning-the black bar safety net

Generally refers to the use of SQL Server password authentication mode, the sa or admin user password forget. First, open the Registry Editor,“run”, enter regedit findHKEYLOCALMACHINE\\SOFTWARE\\MICROSOFT\\MSSQLSERVER\\MSSQLSERVER, This item which has a key value LoginMode, now the value is 1,...

C4 SCADA Security Advisory - OSISoft PI Server Authentication Weakness

Background ----------------- Vendor product information, from www.osisoft.com : The PI SystemT brings all operational data into a single system that can deliver it to users at all levels of the company - from the plant floor to the enterprise level. The PI System keeps business-critical data alwa...

Can record windows login password stuff-vulnerability warning-the black bar safety net

from: t00ls.net ========Principle: windows Authentication in General are ultimately in the lsass process 默认 模块 是 msv10.dll while critical in its export function LsaApLogonUserEx2, the The present program by injecting code into the lsass process hook LsaApLogonUserEx2, the interception of the...

Novell Client NetIdentity Agent XTIERRPCPIPE pointer dereference vulnerability

Added: 07/24/2009 CVE: CVE-2009-1350 BID: 34400 OSVDB: 53351 Background Novell Client software provides NetWare connectivity to Windows platforms. Problem A vulnerability in the xtagent.exe program allows remote, authenticated attackers to execute arbitrary commands by sending a specially crafted...

Novell Client NetIdentity Agent XTIERRPCPIPE pointer dereference vulnerability

Added: 07/24/2009 CVE: CVE-2009-1350 BID: 34400 OSVDB: 53351 Background Novell Client software provides NetWare connectivity to Windows platforms. Problem A vulnerability in the xtagent.exe program allows remote, authenticated attackers to execute arbitrary commands by sending a specially crafted...

iis6 webdav vulnerability EXP-vulnerability warning-the black bar safety net

Requirements: 1. iis6 version 2. Open the webdav （allow） in the iis console inside can see the web Service Extensions 3. You can bypass the 5 0 1 need windows Authentication file.% c0%af 4. For source code upload or download, you'll need iis configured inside giving the“script resource access”. ?...

SMB Registry : Start the Registry Service during the scan

To perform a full credentialed scan, Nessus needs the ability to connect to the remote registry service RemoteRegistry. If the service is down, this plugin will attempt to start for the duration of the scan. You need to explicitly enable this option for this plugin to work: 'Start the Remote...

GE Fanuc Proficy Information Portal transmits authentication credentials in plain text

Overview GE Fanuc Proficy Information Portal can transmit authentication credentials in plain text. An attacker could monitor traffic, obtain valid credentials, and gain access to the portal. Description GE Fanuc Proficy Information Portal is a web-based systems reporting tool often used to...

Ingres用户认证非授权访问漏洞

BUGTRAQ ID: 26959 CVECAN ID: CVE-2007-6334 Ingres是很多CA产品默认所使用的数据库后端。 Windows平台上的Ingres数据库为之后连接的用户分配了与第一个连接用户相同的权限和身份，这允许远程攻击者获得非授权访问。仅在运行于Microsoft IIS Web服务器上且启用了集成Windows认证（IWA）选项的情况下才会出现这个漏洞。 Ingres Corporation Ingres Database 2.6 Ingres Corporation Ingres Database 2.5 厂商补丁： Ingres Corporation...

Engraved disc break employees Computer password restrictions-vulnerability warning-the black bar safety net

In the enterprise because the employees separation from service caused by your computer not password and not use things often happen, this also increases the burden on administrators. In order to take important data copied out, and many of my friends had to reinstall the system, or even remove th...

Novell Client 4.91 SP4 nwspool.dll buffer overflow

Added: 08/10/2007 CVE: CVE-2007-6701 BID: 25092 OSVDB: 37319 Background Novell Client software provides NetWare connectivity to Windows platforms. Problem The nwspool.dll library in Novell Client is affected by buffer overflow vulnerabilities in several different functions, allowing remote...

Novell Client 4.91 SP4 nwspool.dll buffer overflow

Added: 08/10/2007 CVE: CVE-2007-6701 BID: 25092 OSVDB: 37319 Background Novell Client software provides NetWare connectivity to Windows platforms. Problem The nwspool.dll library in Novell Client is affected by buffer overflow vulnerabilities in several different functions, allowing remote...

Novell Client 4.91 SP4 nwspool.dll buffer overflow

Added: 08/10/2007 CVE: CVE-2007-6701 BID: 25092 OSVDB: 37319 Background Novell Client software provides NetWare connectivity to Windows platforms. Problem The nwspool.dll library in Novell Client is affected by buffer overflow vulnerabilities in several different functions, allowing remote...

Computer Associates Alert Notification Server buffer overflow

Added: 07/19/2007 CVE: CVE-2007-3825 BID: 24947 OSVDB: 36096 Background The Alert Notification Server is included with multiple Computer Associates products to provide notifications to console users. Problem The Alert Notification Server is affected by buffer overflow vulnerabilities in multiple...