Under The Hoodie: The Pen Test Diaries

Breaking In So You Don’t Have To Each year, Rapid7 penetration testers conduct over 1,000 security assessments, pushing boundaries to expose vulnerabilities before the bad guys do. The mission? Get in, escalate privileges, and own the environment—physically, digitally, or sometimes just by...

CVE-2024-27941

A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.5. The affected client systems do not properly sanitize input data before sending it to the SQL server. An attacker could use this vulnerability to compromise the whole database...

CVE-2002-0700

This CVE concerns Microsoft Content Management Server (MCMS) 2001, where a buffer overflow in the Profile Service (an MDAC-related function used during user authentication) can allow an attacker to execute code in the Local System context by authenticating to a vulnerable web page. The issue is c...

CVE-2002-0700

Buffer overflow in a system function that performs user authentication for Microsoft Content Management Server MCMS 2001 allows attackers to execute code in the Local System context by authenticating to a web page that calls the function, aka "Unchecked Buffer in MDAC Function Could Enable SQL...

Security Bulletin MS02-040: Unchecked Buffer in MDAC Function Could Enable SQL Server Compromise (Q326573)

---------------------------------------------------------------------- Title: Unchecked Buffer in MDAC Function Could Enable SQL Server Compromise Q326573 Date: 31 July 2002 Software: Microsoft Data Access Components Impact: Run code of attacker's choice Max Risk: Moderate Bulletin: MS02-040...