
4418 matches found

Tenable Nessus
added 2010/03/18 12:00 a.m., 10 views

Microsoft SQL Server Suspicious Command Detection

Binary data 5393.prm...

7.3 AI score
Exploits: 0
myhack58
added 2010/02/23 12:00 a.m., 16 views

Database Password Hashes Cracking - vulnerability warning - the black bar safety net

SQL Server 2000: SELECT password from master.dbo.sysxlogins where name='sa' 0x010034767D5C0CFA5FDCA28C4A56085E65E882E71CB0ED2503412FD54D6119FFF04129A1D72E7C3194F7284A7F3A 0x0100 - constant header 34767D5C - salt 0CFA5FDCA28C4A56085E65E882E71CB0ED250341 - case sensitive hash...

0.9 AI score
Exploits: 0
Check Point Advisories
added 2010/02/09 12:00 a.m., 3 views

Microsoft Data Analyzer ActiveX Control Remote Code Execution (MS10-008; CVE-2010-0252)

Microsoft Data Analyzer is a data analysis software for Microsoft Office XP. Microsoft Data Analyzer allows analyzing and visualizing data and data trends, and is integrated with SQL Server Analysis Services. Reports and graphs generated could be saved as Excel or PowerPoint files. A remote code...

9.3 CVSS, 7.9 AI score, 0.40454 EPSS
Exploits: 2
NVD
added 2010/02/02 4:30 p.m., 8 views

CVE-2009-3035

The web console in Symantec Altiris Notification Server 6.0.x before 6.0 SP3 R12 uses a hardcoded key that can decrypt SQL Server credentials and certain discovery credentials, and stores this key on the Notification Server machine, which allows local users to obtain sensitive information and...

4.3 CVSS, 7.1 AI score, 0.00091 EPSS
Exploits: 0, References: 7
Prion
added 2010/02/02 4:30 p.m., 15 views

Hardcoded credentials

The web console in Symantec Altiris Notification Server 6.0.x before 6.0 SP3 R12 uses a hardcoded key that can decrypt SQL Server credentials and certain discovery credentials, and stores this key on the Notification Server machine, which allows local users to obtain sensitive information and...

4.3 CVSS, 7.6 AI score, 0.00091 EPSS
Exploits: 0, References: 7, Affected Software: 1
CVE
added 2010/02/02 4:25 p.m., 54 views

CVE-2009-3035

Symantec Altiris Notification Server 6.0.x prior to SP3 R12 stores a static encryption key on the server to encrypt credentials used for discovery and SQL Server access. The hardcoded key can decrypt these credentials, enabling local users to obtain sensitive information and, if decrypted credent...

4.3 CVSS, 7.3 AI score, 0.00091 EPSS
Exploits: 0, References: 7, Affected Software: 1
Cvelist
added 2010/02/02 4:25 p.m., 21 views

CVE-2009-3035

The web console in Symantec Altiris Notification Server 6.0.x before 6.0 SP3 R12 uses a hardcoded key that can decrypt SQL Server credentials and certain discovery credentials, and stores this key on the Notification Server machine, which allows local users to obtain sensitive information and...

7 AI score, 0.00091 EPSS
Exploits: 0, References: 7
Packet Storm
added 2010/01/20 12:00 a.m., 113 views

Blaze Apps 1.4.0.051909 Cross Site Scripting / SQL Injection

www.BugReport.ir AmnPardaz Security Research Team Title: Blaze Apps Multiple Vulnerabilities Vendor: http://blazeapps.codeplex.com Vulnerable Version: 1.4.0.051909 and prior versions Exploitation: Remote with browser Fix: N/A - Description: Blaze Apps is an ASP.NET 2 Content Management System. It...

0.1 AI score
Exploits: 0
myhack58
added 2010/01/20 12:00 a.m., 24 views

Various database password hash access statement - vulnerability warning - the black bar safety net

There is no access, can also grab? Statements for obtaining password hashes from various databases; you can also use the sqlmap injection tool directly! SQL Server 2000: SELECT password from master.dbo.sysxlogins where name='sa' 0x010034767D5C0CFA5FDCA28C4A56085E65E882E71CB0ED250341...

0.3 AI score
Exploits: 0
securityvulns
added 2010/01/19 12:00 a.m., 59 views

Blaze Apps Multiple Vulnerabilities

www.BugReport.ir AmnPardaz Security Research Team Title: Blaze Apps Multiple Vulnerabilities Vendor: http://blazeapps.codeplex.com Vulnerable Version: 1.4.0.051909 and prior versions Exploitation: Remote with browser Fix: N/A - Description: Blaze Apps is an ASP.NET 2 Content Management System. It...

Exploits: 0
securityvulns
added 2010/01/17 12:00 a.m., 51 views

[security bulletin] HPSBPI02500 SSRT090263 rev.1 - HP Web Jetadmin, Remote Unauthorized Access to Data, Denial of Service (DoS)

SUPPORT COMMUNICATION - SECURITY BULLETIN. Document ID: c01975278. Version: 1. HPSBPI02500 SSRT090263 rev.1 - HP Web Jetadmin, Remote Unauthorized Access to Data, Denial of Service (DoS). NOTICE: The information in this Security Bulletin should be acted upo...

9 CVSS, 0.3 AI score, 0.00573 EPSS
Exploits: 0
NVD
added 2010/01/14 6:30 p.m., 12 views

CVE-2009-4182

Multiple unspecified vulnerabilities in HP Web Jetadmin 10.2, when a remote SQL server is used, allow remote attackers to obtain access to data or cause a denial of service, possibly by leveraging authentication and encryption weaknesses on the SQL server...

9 CVSS, 7.8 AI score, 0.00573 EPSS
Exploits: 0, References: 2
Prion
added 2010/01/14 6:30 p.m., 11 views

Design/Logic Flaw

Multiple unspecified vulnerabilities in HP Web Jetadmin 10.2, when a remote SQL server is used, allow remote attackers to obtain access to data or cause a denial of service, possibly by leveraging authentication and encryption weaknesses on the SQL server...

9 CVSS, 8.5 AI score, 0.00573 EPSS
Exploits: 0, References: 2, Affected Software: 1
Cvelist
added 2010/01/14 6:00 p.m., 18 views

CVE-2009-4182

Multiple unspecified vulnerabilities in HP Web Jetadmin 10.2, when a remote SQL server is used, allow remote attackers to obtain access to data or cause a denial of service, possibly by leveraging authentication and encryption weaknesses on the SQL server...

7.8 AI score, 0.00573 EPSS
Exploits: 0, References: 2
CVE
added 2010/01/14 6:00 p.m., 44 views

CVE-2009-4182

HP Web Jetadmin 10.2 and later uses a remote SQL Server and is affected by multiple vulnerabilities that can allow remote unauthorized access to data and DoS. The root cause involves authentication and encryption weaknesses on the SQL server and insufficient network protections, per HP/SRT bullet...

9 CVSS, 8 AI score, 0.00573 EPSS
Exploits: 0, References: 2, Affected Software: 1
Zero Day Initiative
added 2010/01/12 12:00 a.m., 34 views

Novell ZENworks Asset Management docfiledownload Remote SQL Injection Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell ZENworks Asset Management. Authentication is not required to exploit this vulnerability. The specific flaw exists due to insufficient sanity checks on the documentID parameter to the...

10 CVSS, 8.2 AI score
Exploits: 0, References: 1
Hewlett-Packard
added 2010/01/07 12:00 a.m., 31 views

HPSBPI02500 SSRT090263 rev.2 - HP Web Jetadmin, Remote Unauthorized Access to Data, Denial of Service (DoS)

Potential Security Impact: Remote unauthorized access to data, Denial of Service (DoS). VULNERABILITY SUMMARY: Potential security vulnerabilities have been identified with HP Web Jetadmin. The vulnerabilities could be exploited remotely to gain unauthorized access to data or to create a Denial of...

9 CVSS, 1.7 AI score, 0.00573 EPSS
Exploits: 0
Packet Storm
added 2010/01/05 12:00 a.m., 72 views

Microsoft SQL Server sp_replwritetovarbin Memory Corruption

$Id: ms09004spreplwritetovarbin.rb 8068 2010-01-05 00:02:15Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

9 CVSS, 0.4 AI score, 0.87901 EPSS
Exploits: 12
Metasploit
added 2010/01/03 8:10 a.m., 35 views

MS09-004 Microsoft SQL Server sp_replwritetovarbin Memory Corruption

A heap-based buffer overflow can occur when calling the undocumented "sp_replwritetovarbin" extended stored procedure. This vulnerability affects all versions of Microsoft SQL Server 2000 and 2005, Windows Internal Database, and Microsoft Desktop Engine (MSDE) without the updates supplied in MS09-00...

9 CVSS, 0.2 AI score, 0.87901 EPSS
Exploits: 12
Check Point Advisories
added 2009/12/13 12:00 a.m., 3 views

Microsoft Data Access Components Broadcast Reply Buffer Overflow (MS04-003; CVE-2003-0903)

The SQL Server Resolution Protocol is a simple application-level protocol that is used for the transfer of requests and responses between clients and database server discovery services. Microsoft Data Access Components (MDAC) is a collection of components that provides the underlying functionality...

10 CVSS, 7.4 AI score, 0.60012 EPSS
Exploits: 0