Microsoft SQL Server sp_replwritetovarbin() BOF Vulnerability

This host is missing a critical security update according to Microsoft Bulletin MS09-004. OpenVAS Vulnerability Test $Id: gbmssqlspreplwritetovarbinbofvuln.nasl 7573 2017-10-26 09:18:50Z cfischer $ Microsoft SQL Server spreplwritetovarbin BOF Vulnerability Authors: Chandan S Copyright: Copyright ...

MS-SQL Server Sp_replwritetovarbin Stored Procedure Buffer Overflow (CVE-2008-5416)

Microsoft SQL Server is a relational database management system RDBMS. A buffer overflow vulnerability has been reported in Microsoft SQL Server. The vulnerability is due to an error in the Microsoft SQL Server when calling the extended stored procedure spreplwritetovarbin with a set of crafted...

Microsoft SQL Server sp_replwritetovarbin远程堆溢出漏洞

BUGTRAQ ID: 32710 Microsoft SQL Server是一款流行的SQL数据库系统。 SQL Server的spreplwritetovarbin扩展存储过程中存在堆溢出漏洞。如果远程攻击者在参数中提供了未初始化变量的话，就可以触发这个溢出，向可控的位置写入内存，导致以有漏洞SQL Server进程的权限执行任意代码。 在默认的配置中，任何用户都可以访问spreplwritetovarbin过程。通过认证的用户可以通过直接的数据库连接或SQL注入来利用这个漏洞。 Microsoft SQL Server 2005 SP2 Microsoft SQL Server...

Microsoft SQL Server 2005 sp_replwritetovarbin memory overwrite (update to SEC Consult SA-20081209)

Update to SEC Consult Security Advisory 20081210-0 Microsoft SQL Server spreplwritetovarbin limited memory overwrite vulnerability =================================================================== Summary: ------------ By calling the extended stored procedure spreplwritetovarbin, an attacker ca...

Microsoft SQL Server 2000 sp_replwritetovarbin privilege escalation

It's possible to overwrite process internal data and execute code in server context...

CVE-2008-5416

Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine MSDE 2000 SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine WMSDE on Windows Server 2003 SP1 and SP2; and Windows Internal Database WYukon SP2...

Heap overflow

Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine MSDE 2000 SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine WMSDE on Windows Server 2003 SP1 and SP2; and Windows Internal Database WYukon SP2...

CVE-2008-5416

Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine MSDE 2000 SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine WMSDE on Windows Server 2003 SP1 and SP2; and Windows Internal Database WYukon SP2...

CVE-2008-5416

The connected KB/MS advisory confirms CVE-2008-5416 relates to a heap-based memory overwrite flaw in SQL Server via the sp_replwritetovarbin extended stored procedure. It affects multiple SQL Server family products and service packs (SQL Server 2000 SP4/MSDE 2000, SQL Server 2005 SP2, WYukon/Wind...

CVE-2008-5416

Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine MSDE 2000 SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine WMSDE on Windows Server 2003 SP1 and SP2; and Windows Internal Database WYukon SP2...

Microsoft SQL Server 'sp_replwritetovarbin' Remote Memory Corruption Vulnerability

Description Microsoft SQL Server is prone to a remote memory-corruption vulnerability because it fails to properly handle user-supplied input. Authenticated attackers can exploit this issue to execute arbitrary code and completely compromise affected computers. Failed attacks will likely cause...

[Full-disclosure] SEC Consult SA-20081109-0 :: Microsoft SQL Server 2000 sp_replwritetovarbin limited memory overwrite vulnerability

SEC Consult Security Advisory 20081209-0 ===================================================================================== title: Microsoft SQL Server 2000 spreplwritetovarbin limited memory overwrite vulnerability program: Microsoft SQL Server 2000 vulnerable version: =8.00.2039 homepage:...

Microsoft SQL Server 2000 sqlvdir.dll ActiveX Buffer Overflow Vulnerability

Microsoft SQL Server is prone to a buffer-overflow vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Microsoft SQL Server 2000 sqlvdir.dll ActiveX Buffer Overflow Vulnerability

The host is running Microsoft SQL Server, which is prone to buffer-overflow vulnerability. OpenVAS Vulnerability Test $Id: secpodmssqlserver2000activexbofvuln900125.nasl 5370 2017-02-20 15:24:26Z cfi $ Description: Microsoft SQL Server 2000 sqlvdir.dll ActiveX Buffer Overflow Vulnerability Author...

ms-sql-info NSE Script

Attempts to determine configuration and version information for Microsoft SQL Server instances. SQL Server credentials required: No will not benefit from mssql.username & mssql.password. Run criteria: Host script: Will always run. Port script: N/A NOTE: Unlike previous versions, this script will...

ZDI-08-071: IBM Tivoli Storage Manager Express for Microsoft SQL Heap Overflow Vulnerability

ZDI-08-071: IBM Tivoli Storage Manager Express for Microsoft SQL Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-071 October 30, 2008 -- Affected Vendors: IBM -- Affected Products: IBM Tivoli Storage Manager Express -- TippingPointTM IPS Customer Protection:...

IBM Tivoli Storage Manager Express buffer overflow

Buffer overflow in dsmcat.exe service in Storage Manager for Microsoft SQL...

IBM Tivoli Storage Manager Express for Microsoft SQL Heap Overflow Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager Express for Microsoft SQL. Authentication is not required to exploit this vulnerability. The specific flaw resides in the Data Protection for SQL CAD service, dsmcat.exe, which...

DorsaCms (ShowPage.aspx) Remote SQL Injection Vulnerability

No description provided by source. --------------------------------------------------------- Portal Name: Dorsa CMS Vendor : http://www.dorsacms.com Description : A CMS written by iranian programmers which uses by governmental websites. Vulnerable File : ShowPage.aspx Dork: Powered by DorsaCms...

Microsoft SQL Server Elevation of Privilege Vulnerabilities (941203)

This host has Microsoft SQL Server, which is prone to Privilege Escalation Vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...