Microsoft SQL Server 7.0/2000,Data Engine 1.0/2000 xp_peekqueue Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2040/info The API Srvparaminfo, which is implemented by Extended Stored Procedures XPs in Microsoft SQL Server and Data Engine, is susceptible to a buffer overflow vulnerability which may cause the application to fail or...

Microsoft SQL Server 7.0/2000 JET Database Engine 4.0 Buffer Overrun Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7541/info Microsoft SQL Server is prone to an exploitable buffer overrun vulnerability via the Jet Database Engine. This can occur while the JET 4.0 OLE DB data provider is querying data supplied via a remote source and i...

Microsoft SQL Server Hello Overflow

No description provided by source. $Id: ms02056hello.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Microsoft SQL Server 7.0 - Remote Denial of Service Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/11265/info Reportedly Microsoft SQL Server is affected by a remote denial of service vulnerability. This issue is due to a failure of the application to handle irregular network communications. An attacker may leverage th...

Microsoft SQL Server 2000 User Authentication Remote Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5411/info A vulnerability has been discovered in Microsoft SQL Server that could make it possible for remote attackers to gain access to target hosts. It is possible for an attacker to cause a buffer overflow condition on...

Microsoft SQL Server sp_replwritetovarbin Memory Corruption via SQL Injection

No description provided by source. $Id: ms09004spreplwritetovarbinsqli.rb 11730 2011-02-08 23:31:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensi...

Microsoft SQL Server Payload Execution via SQL injection

No description provided by source. $Id: mssqlpayloadsqli.rb 11730 2011-02-08 23:31:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms o...

Microsoft SQL Server Payload Execution

No description provided by source. $Id: mssqlpayload.rb 11392 2010-12-21 20:36:34Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of us...

Microsoft SQL Server 2000 Resolution Service Heap Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5310/info A vulnerability in Microsoft SQL Server 2000 could allow remote attackers to access target hosts. A problem in the SQL Server Resolution Service allows a remote attacker to execute arbitrary code on a vulnerable...

Microsoft SQL Server 2000 Database Consistency Checkers Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5307/info Microsoft SQL Server 2000 includes utilities called Database Consistency Checkers DBCC. Several of these programs contain identical buffer overflows that, when exploited, could allow an attacker to execute...

MS SQL Server 2000,MS Jet 4.0 Engine Unicode Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5057/info Microsoft SQL Server is prone to a remotely exploitable unicode-based buffer overflow condition. This condition occurs when the OpenDataSource function is used with MS Jet Engine. This issue may be exploited to...

Microsoft SQL Server 2000 sp_MScopyscript SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5309/info The Microsoft SQL Server 2000 spMScopyscript stored procedure does not sufficiently validate input before passing it to the xpcmdshell extended stored procedure. An attacker with the ability to execute a query o...

Microsoft SQL Server 7.0/2000,MSDE Named Pipe Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8274/info Microsoft SQL Server and the Microsoft Data Engine have been reported prone to a denial of service attack. Any local or remote user, who can authenticate and is part of the Everyone Group, may trigger a denial o...

Microsoft SQL Server 7.0/7.0 SP1 NULL Data DoS Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/817/info If Microsoft SQL Server 7.0 receives a TDS header with three or more NULL bytes as data it will crash. The crash will generate an event in the log with ID 17055 fatal exception EXCEPTIONACCESS VIOLATION. / sqldos...

用友软件股份有限公司流通与零售行业事业部POST注射

简要描述： 用友软件分站流通与零售行业事业部某处出现POST注射， SA权限。只发现问题，不深入，不作恶。 详细说明： http://soft-sk.yonyou.com/service/jszc.jsp URL asktypeid=---注射点---&enddate=JyI%3d&prikey=1&startdate=01/01/1967&Submit=%b2%e9%d1%af POST数据 漏洞证明： web application technology: JSP back-end DBMS: Microsoft SQL Server 2008 current user: 'sa'...

Microsoft SQL 2000 Slammer Worm Denial of Service (CVE-2002-0649)

Slammer is a memory resident worm targeted to attack Microsoft SQL 2000. By propagating rapidly, the worm can cause a denial of service condition on affected targets...

用友某通用系统sql注入

简要描述： 用友某通用系统注入 详细说明： 用友TurboCRM存在通用sql注入 http://www.qinyuancrm.com/login/forgetpswd.php?orgcode=1&loginname=dsdfsfds loginname参数存在mssql timebased盲注 Place: GET Parameter: loginname Type: stacked queries Title: Microsoft SQL Server/Sybase stacked queries Payload: orgcode=1&loginname=dsdfsfds';...

How to migrate Veeam Backup & Replication or Veeam Backup Enterprise Manager

Veeam Backup & Replication Migration Details regarding Veeam Backup & Replication migration are now fully documented in the product user guide. Please review the following documentation: Migrating Veeam Backup & Replication to Another Server Other Migration Types: Migrating Veeam Backup &...

大汉版通政府信息公开系统SQL注射2

简要描述： SQL 详细说明： 政府信息公开系统 某处sql注射漏洞 另一个文件里的参数 注入点 zfxxgk/serviceobjectinfo.jsp?servicebm= servicebm过滤不严存在注射 政府网站案例 sqlmap.py -u "http://xxgk.sihong.gov.cn/zfxxgk/serviceobjectinfo.jsp?s ervicebm=" --is-dba --dbs --- Place: GET Parameter: servicebm Type: boolean-based blind Title: AND boolean-based...

大汉版通政府信息公开系统SQL注射

简要描述： 政府信息公开系统 详细说明： 政府信息公开系统 某处sql注射漏洞 注入点 zfxxgk/subjectinfo.jsp?subjectbm= subjectbm参数过滤不严，导致注入 政府网站案例 sqlmap.py -u "http://xxgk.sihong.gov.cn/zfxxgk/subjectinfo.jsp?subjectbm=" --is-dba --dbs payload Place: GET Parameter: subjectbm Type: boolean-based blind Title: AND boolean-based blind -...