MS08-040: Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203)

The remote host is running a version of Microsoft SQL Server, Desktop Engine or Internal Database that is vulnerable to multiple memory corruption issues. These vulnerabilities may allow an attacker to gain elevates privileges on the server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

Microsoft SQL Server Convert Function Remote Memory Corruption Vulnerability

Description Microsoft SQL Server is prone to a remote memory-corruption vulnerability because it fails to perform adequate boundary checks on user-supplied input. Authenticated attackers can exploit this issue to execute arbitrary code and completely compromise affected computers. Failed attacks...

Microsoft SQL Server Memory Page Reuse Information Disclosure Vulnerability

Description Microsoft SQL Server is prone to an information-disclosure vulnerability caused by a memory-reallocation flaw. An attacker with operator access may leverage this issue to obtain potentially sensitive information that could aid in further attacks. Technologies Affected Microsoft Data...

doITlive CMS <= 2.50 (SQL Injection/XSS) Multiple Vulnerabilities

Exploit for unknown platform in category web applications ================================================================= doITlive CMS = 2.50 SQL Injection/XSS Multiple Vulnerabilities ================================================================= AmnPardaz Security Research Team Title:...

reddot-sql.txt

RedDot CMS SQL injection vulnerability CVE Number: CVE-2008-1613 http://www.irmplc.com/index.php/167-Advisory-026 Vulnerability Type/Importance: SQL injection/Critical Problem Discovered: 12 February 2008 Vendor Contacted: 19 February 2008 Advisory Published: 21 April 2008 Abstract: The RedDot CM...

[Full-disclosure] IRM Security Advisory : RedDot CMS SQL injection vulnerability

RedDot CMS SQL injection vulnerability CVE Number: CVE-2008-1613 http://www.irmplc.com/index.php/167-Advisory-026 Vulnerability Type/Importance: SQL injection/Critical Problem Discovered: 12 February 2008 Vendor Contacted: 19 February 2008 Advisory Published: 21 April 2008 Abstract: The RedDot CM...

Sun Java Web Start dnsResolve ActiveX Buffer Overflow (CVE-2007-5019)

Microsoft SQL Server is a Relational Database Management System RDBMS that can be managed through Distributed Management Objects DMO. A remote attacker can exploit this issue to execute arbitrary code on vulnerable server...

Microsoft SQL Server Distributed Management Objects buffer overflow

Added: 10/11/2007 CVE: CVE-2007-4814 BID: 25594 OSVDB: 38399 Background Microsoft SQL Server includes a Distributed Management Object model which offers a modern, object-oriented alternative to using stored procedures. The Distributed Management Object model is implemented by the sqldmo.dll Activ...

Microsoft SQL Server Distributed Management Objects buffer overflow

Added: 10/11/2007 CVE: CVE-2007-4814 BID: 25594 OSVDB: 38399 Background Microsoft SQL Server includes a Distributed Management Object model which offers a modern, object-oriented alternative to using stored procedures. The Distributed Management Object model is implemented by the sqldmo.dll Activ...

Microsoft SQL Server Distributed Management Objects buffer overflow

Added: 10/11/2007 CVE: CVE-2007-4814 BID: 25594 OSVDB: 38399 Background Microsoft SQL Server includes a Distributed Management Object model which offers a modern, object-oriented alternative to using stored procedures. The Distributed Management Object model is implemented by the sqldmo.dll Activ...

Microsoft SQL Server Distributed Management Objects buffer overflow

Added: 10/11/2007 CVE: CVE-2007-4814 BID: 25594 OSVDB: 38399 Background Microsoft SQL Server includes a Distributed Management Object model which offers a modern, object-oriented alternative to using stored procedures. The Distributed Management Object model is implemented by the sqldmo.dll Activ...

CVE-2007-5090

Unspecified vulnerability in IBM Rational ClearQuest CQ, when a Microsoft SQL Server or an IBM DB2 database is used, allows attackers to corrupt data via unspecified vectors...

Code injection

Unspecified vulnerability in IBM Rational ClearQuest CQ, when a Microsoft SQL Server or an IBM DB2 database is used, allows attackers to corrupt data via unspecified vectors...

PT-2007-6187 · Microsoft +1 · Sql Server +2

Name of the Vulnerable Software and Affected Versions: IBM Rational ClearQuest CQ affected versions not specified Description: The issue allows attackers to corrupt data via unspecified vectors when a Microsoft SQL Server or an IBM DB2 database is used. Recommendations: At the moment, there is no...

Microsoft SQL Server Distributed Management Objects BoF Exploit

No description provided by source. !-- + title: Microsoft SQL Server Distributed Management Objects Buffer Overflow + Critical: Critical remote + Impact: MS Internet Explorer 6 - Code Execute + Tested Operating System: Windows XP SP2 KR, Windows 2000 Pro SP4 KR + Tested Software: MSDE 2000...

Microsoft SQL Server sqldmo.dll ActiveX控件缓冲区溢出漏洞

BUGTRAQ ID: 25594 Apache HTTP Server是一款流行的Web服务器。 Microsoft SQL Server分布式管理对象OLE DLL（sqldmo.dll）中存在缓冲区溢出漏洞。如果用户受骗访问了恶意网页并向该控件的Start方式传送了超长字符的话，就可能触发这个溢出，导致执行任意代码。 Microsoft SQL Server 2005 SP2 Microsoft --------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：...

mssql-bof.txt

Code Execute + Tested Operating System: Windows XP SP2 KR, Windows 2000 Pro SP4 KR + Tested Software: MSDE 2000 SQLDMO.dll version 2000.80.760.0 + Reference & Thanks : code by rgod http://www.milw0rm.com/exploits/4379 code by Trirat Puttaraksa http://www.milw0rm.com/exploits/2426 + Author: 96sysi...

Microsoft SQL Server - Distributed Management Objects Buffer Overflow

Microsoft SQL Server - Distributed Management Objects Buffer Overflow Code Execute + Tested Operating System: Windows XP SP2 KR, Windows 2000 Pro SP4 KR + Tested Software: MSDE 2000 SQLDMO.dll version 2000.80.760.0 + Reference & Thanks : code by rgod http://www.milw0rm.com/exploits/4379 code by...

Microsoft SQL Server - Distributed Management Objects Buffer Overflow

Code Execute + Tested Operating System: Windows XP SP2 KR, Windows 2000 Pro SP4 KR + Tested Software: MSDE 2000 SQLDMO.dll version 2000.80.760.0 + Reference & Thanks : code by rgod http://www.milw0rm.com/exploits/4379 code by Trirat Puttaraksa http://www.milw0rm.com/exploits/2426 + Author: 96sysi...

CVE-2007-4814

CVE-2007-4814 affects the SQL Server Distributed Management Objects (DMO) ActiveX control sqldmo.dll. A buffer overflow in the Start method is triggered by a long argument, enabling remote code execution. Exploitation details are documented in SAINT references, with note that exploits exist for M...