75 matches found
CA Total Defense Suite reGenerateReports Stored Procedure SQL Injection
$Id: catotaldefenseregeneratereports.rb 13810 2011-10-02 17:03:23Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Nortel Contact Recording Centralized Archive 6.5.1 EyrAPIConfiguration getSubKeys() Remote SQL Injection Exploit
?php / Nortel Contact Recording Centralized Archive 6.5.1 EyrAPIConfiguration Web Service getSubKeys Remote SQL Injection Exploit tested against: Microsoft Windows Server 2003 r2 sp2 Microsoft SQL Server 2005 Express download uri:...
Nortel Contact Recording Centralized Archive 6.5.1 - SQL Injection
Nortel Contact Recording Centralized Archive 6.5.1 - SQL Injection EyrAPIConfiguration /EyrAPIConfiguration/ ... at the following url: http://host:8080/EyrAPI/EyrAPIConfiguration/EyrAPIConfigurationIf Vulnerability: without prior authentication, you can reach a web service with various methods...
Nortel Contact Recording Centralized Archive 6.5.1 SQL Injection
EyrAPIConfiguration /EyrAPIConfiguration/ .. at the following url: http://host:8080/EyrAPI/EyrAPIConfiguration/EyrAPIConfigurationIf Vulnerability: without prior authentication, you can reach a web service with various methods availiable, as described inside the associated wsdl, see file:...
Nortel Contact Recording Centralized Archive 6.5.1 SQL Injection Exploit
Exploit for jsp platform in category web applications EyrAPIConfiguration /EyrAPIConfiguration/ ... at the following url: http://host:8080/EyrAPI/EyrAPIConfiguration/EyrAPIConfigurationIf Vulnerability: without prior authentication, you can reach a web service with various methods availiable, as...
Microsoft XML Editor Information Disclosure Vulnerability (2543893)
This host is missing an important security update according to Microsoft Bulletin MS11-049. OpenVAS Vulnerability Test $Id: secpodms11-049.nasl 5362 2017-02-20 12:46:39Z cfi $ Microsoft XML Editor Information Disclosure Vulnerability 2543893 Authors: Antu Sanadi Copyright: Copyright c 2011 SecPod...
CVE-2011-1280
The XML Editor in Microsoft InfoPath 2007 SP2 and 2010; SQL Server 2005 SP3 and SP4 and 2008 SP1, SP2, and R2; SQL Server Management Studio Express SSMSE 2005; and Visual Studio 2005 SP1, 2008 SP1, and 2010 does not properly handle external entities, which allows remote attackers to read arbitrar...
VMSA-2011-0003 : Third-party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
a. vCenter Server and vCenter Update Manager update Microsoft SQL Server 2005 Express Edition to Service Pack 3 Microsoft SQL Server 2005 Express Edition SQL Express distributed with vCenter Server 4.1 Update 1 and vCenter Update Manager 4.1 Update 1 is upgraded from SQL Express Service Pack 2 to...
Lyris ListManager - MSDE Weak sa Password (Metasploit)
$Id: lyrislistmanagerweakpass.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Database Password Hashes Cracking-vulnerability warning-the black bar safety net
SQL Server 2 0 0 0:- SELECT password from master. dbo. sysxlogins where name='sa' 0×010034767D5C0CFA5FDCA28C4A56085E65E882E71CB0ED250341 2FD54D6119FFF04129A1D72E7C3194F7284A7F3A 0×0 1 0 0 - constant header 34767D5C - salt 0CFA5FDCA28C4A56085E65E882E71CB0ED250341 - case senstive hash...
Microsoft SQL Server sp_replwritetovarbin Memory Corruption
$Id: ms09004spreplwritetovarbin.rb 8068 2010-01-05 00:02:15Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
MS09-004 Microsoft SQL Server sp_replwritetovarbin Memory Corruption
A heap-based buffer overflow can occur when calling the undocumented "spreplwritetovarbin" extended stored procedure. This vulnerability affects all versions of Microsoft SQL Server 2000 and 2005, Windows Internal Database, and Microsoft Desktop Engine MSDE without the updates supplied in MS09-00...
Microsoft Products GDI Plus Code Execution Vulnerabilities (957488)
This host is missing a critical security update according to Microsoft Bulletin MS09-062. OpenVAS Vulnerability Test $Id: secpodms09-062.nasl 5363 2017-02-20 13:07:22Z cfi $ Microsoft Products GDI Plus Code Execution Vulnerabilities 957488 Authors: Sharath S Updated to Check Visio Viewer 2007 - B...
Lyris ListManager MSDE Weak sa Password
This module exploits a weak password vulnerability in the Lyris ListManager MSDE install. During installation, the 'sa' account password is set to 'lminstall'. Once the install completes, it is set to 'lyris' followed by the process ID of the installer. This module brute forces all possible proce...
Integer overflow
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Offic...
Heap overflow
Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and...
PT-2009-4908 · Microsoft · Works +26
Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer version 6 SP1 Windows XP versions SP2 and SP3 Office XP version SP3 Office 2003 version SP3 2007 Microsoft Office System versions SP1 and SP2 Office Project 2002 version SP1 Visio 2002 version SP2 Office Word Viewe...
Microsoft GDI+ PNG File Integer Overflow Remote Code Execution Vulnerability
Description Microsoft GDI+ is prone to a remote code-execution vulnerability because the vector graphics link library improperly processes PNG image files. An attacker could exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts m...
Microsoft GDI+ CCITT G4 TIFF File Processing Memory Corruption Remote Code Execution Vulnerability
Description Microsoft GDI+ is prone to a remote code-execution vulnerability because the vector graphics link library improperly processes TIFF image files. This issue occurs when CCITT G4 compressed TIFF images are decompressed. An attacker could exploit this issue to execute arbitrary code with...
Microsoft SQL Server sp_replwritetovarbin() BOF Vulnerability
This host is missing a critical security update according to Microsoft Bulletin MS09-004. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...