12 matches found
Microsoft SQL Server sp_replwritetovarbin Memory Corruption via SQL Injection
No description provided by source. $Id: ms09004spreplwritetovarbinsqli.rb 11730 2011-02-08 23:31:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensi...
Microsoft SQL Server - sp_replwritetovarbin Memory Corruption (MS09-004) (Metasploit)
$Id: ms09004spreplwritetovarbin.rb 11631 2011-01-24 19:37:58Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Microsoft SQL Server spreplwritetovarbin Buffer Overflow
Added: 04/29/2009 CVE: CVE-2008-5416 BID: 32710 OSVDB: 50917 Background Microsoft SQL Server is a database server package for Windows platforms. Problem A buffer overflow vulnerability in the spreplwritetovarbin stored procedure allows remote, authenticated attackers to execute arbitrary commands...
Microsoft SQL Server spreplwritetovarbin Buffer Overflow
Added: 04/29/2009 CVE: CVE-2008-5416 BID: 32710 OSVDB: 50917 Background Microsoft SQL Server is a database server package for Windows platforms. Problem A buffer overflow vulnerability in the spreplwritetovarbin stored procedure allows remote, authenticated attackers to execute arbitrary commands...
Microsoft SQL Server spreplwritetovarbin Buffer Overflow
Added: 04/29/2009 CVE: CVE-2008-5416 BID: 32710 OSVDB: 50917 Background Microsoft SQL Server is a database server package for Windows platforms. Problem A buffer overflow vulnerability in the spreplwritetovarbin stored procedure allows remote, authenticated attackers to execute arbitrary commands...
MS09-004: Vulnerability in Microsoft SQL Server Could Allow Remote Code Execution (959420)
The remote host is running a version of Microsoft SQL Server, Desktop Engine or Internal Database that suffers from an authenticated, remote code execution vulnerability in the extended stored procedure 'spreplwritetovarbin' due to an invalid parameter check. Successful exploitation could allow a...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-5416. Reason: This candidate is a duplicate of CVE-2008-5416. Notes: All CVE users should reference CVE-2008-5416 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
CVE-2008-4270
CVE-2008-4270 is rejected/not used; reference CVE-2008-5416 instead; this entry does not represent an active vulnerability.
Microsoft SQL Server fails to properly validate parameters to the sp_replwritetovarbin extended stored procedure
Overview A vulnerability in the Microsoft SQL Server spreplwritetovarbin extended stored procedure could allow an authenticated attacker to execute arbitrary code on an affected server. Description Some versions of Microsoft SQL Server contain a vulnerability in the spreplwritetovarbin stored...
CVE-2008-5416
creationtimestamp| type| source ---|---|--- 2008-12-17 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/7501 2011-01-24 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16392 2011-02-08 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16396 2018-05-29...
Immunity Canvas: MSSQL_REPLWRITETOVARBIN
Name| mssqlreplwritetovarbin ---|--- CVE| CVE-2008-5416 Exploit Pack| CANVAS Description| replwritetovarbin stored procedure overflow. Notes| CVE Name: CVE-2008-5416 VENDOR: Microsoft Notes: Exploit only works against non-DEP enabled targets. Repeatability: One-shot MSADV: MS09-004 References:...
CVE-2008-5416
The connected KB/MS advisory confirms CVE-2008-5416 relates to a heap-based memory overwrite flaw in SQL Server via the sp_replwritetovarbin extended stored procedure. It affects multiple SQL Server family products and service packs (SQL Server 2000 SP4/MSDE 2000, SQL Server 2005 SP2, WYukon/Wind...