4519 matches found
CVE-2015-9098
CVE-2015-9098 affects Redgate SQL Monitor versions prior to 3.10 and 4.x prior to 4.2. A remote unauthenticated attacker can gain access to the Base Monitor and execute arbitrary SQL commands on any monitored Microsoft SQL Server machines; if the Base Monitor connects using an account with SQL ad...
CVE-2015-9098
In Redgate SQL Monitor before 3.10 and 4.x before 4.2, a remote attacker can gain unauthenticated access to the Base Monitor, resulting in the ability to execute arbitrary SQL commands on any monitored Microsoft SQL Server machines. If the Base Monitor is connecting to these machines using an...
XenMobile Server is in recovery mode "application failed to start"
Could be observed in multiple scenarios 1. Unable to access one of the node in the cluster. 2. Server went into recovery mode while upgrading or applying patch 3. Server went into recovery mode when the database is not accessible 4. SQLserverran out of space for log drive Node in recovery mode an...
Veeam Explorer for SQL (VESQL): Unable to pass current account's context to the mount server
Challenge When attempting to restore a database using Veeam Explorer for Microsoft SQL Server with the "Use current account" option, the following error occurs: Access is denied: unable to pass current account's context to the mount server, please supply credentials and try again. Cause Veeam...
Update Rollup 2 for System Center 2016 Data Protection Manager
Update Rollup 2 for System Center 2016 Data Protection Manager Introduction This article describes the issues that are fixed in Update Rollup 2 for Microsoft System Center 2016 Data Protection Manager. It also contains the installation instructions for this update.Note Existing Data Protection...
Introducing RubySMB: The Protocol Library Nobody Else Wanted To Write
The Server Message Block SMB protocol family is arguably one of the most important network protocols to be conversant in as a security professional. It carries the capability for File and Print Sharing, remote process execution, and an entire system of Named Pipes that serve as access points to a...
Firebird SQL Server for Linux Installed (credentialed check)
Firebird SQL Server, an open source database server, is installed on the remote Linux host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid99133; scriptversion"1.7"; scriptsetattributeattribute:"pluginmodificationdate", value:"2023/05/24"; scriptxrefname:"IAVT",...
Firebird SQL Server for Linux 2.5.x < 2.5.7 / 3.0.x < 3.0.2 UDF Libraries RCE
The version of Firebird SQL Server for Linux installed on the remote host is 2.5.x prior to 2.5.7 or 3.0.x prior to 3.0.2. It is, therefore, affected by a flaw in the UDF component due to insufficient restrictions on access to external functions by the symbols of the UDF library. An authenticated...
List of hotfixes and updates that are contained in System Center Configuration Manager 2007 Service Pack 2
Lists Microsoft Knowledge Base KB articles that describe the hotfixes and updates that are contained in Microsoft System Center Configuration Manager 2007 Service Pack 2 SP2.INTRODUCTIONThis article lists Microsoft Knowledge Base KB articles that describe the hotfixes and updates that are contain...
Firebird - Relational Database CNCT Group Number Buffer Overflow Exploit
Exploit for windows platform in category local exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Firebird Relational Database CNCT Group Number Buffer Overflow',...
MySQL: Multiple vulnerabilities
Background MySQL is a popular multi-threaded, multi-user SQL server. MariaDB is an enhanced, drop-in replacement for MySQL. Description Multiple vulnerabilities have been discovered in MySQL. Please review the CVE identifiers referenced below for details. Impact An attacker could possibly escalat...
Microsoft SQL Server Clr Stored Procedure Payload Execution Exploit
Exploit for windows platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Microsoft SQL Server Clr Stored Procedure Payload Execution',...
Microsoft SQL Server Clr Stored Procedure Payload Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Microsoft SQL Server Clr Stored Procedure Payload Execution', 'Description' = %q This module executes an arbitrary native paylo...
Microsoft SQL Server Clr Stored Procedure Payload Execution
This module executes an arbitrary native payload on a Microsoft SQL server by loading a custom SQL CLR Assembly into the target SQL installation, and calling it directly with a base64-encoded payload. The module requires working credentials in order to connect directly to the MSSQL Server. This...
Update Rollup 12 for System Center 2012 R2 Virtual Machine Manager
Update Rollup 12 for System Center 2012 R2 Virtual Machine Manager Introduction This article describes the issues that are fixed in Update Rollup 12 for Microsoft System Center 2012 R2 Virtual Machine Manager. There are three updates available for System Center 2012 R2 Virtual Machine Manager: on...
Default Credentials Found in Schneider Electric Wonderware Historian
The Industrial Control System Cyber Emergency Response Team ICS-CERT on Tuesday published an advisory warning of a critical vulnerability in Schneider Electric Wonderware Historian, a platform used to capture, store and manage big data. The vulnerability, CVE-2017-5155, can be exploited to target...
Microsoft Dynamics CRM 2011 Update Rollup 15
Microsoft Dynamics CRM 2011 Update Rollup 15 We have identified a compatibility issue that occurs when you use the Microsoft Dynamics CRM 2011 Client for Outlook with Update Rollup 15 applied against a Dynamics CRM 2013 server. This issue does not affect Dynamics CRM 2011 servers. A new Update...
Schneider Electric Wonderware Historian
CVSS V3 7.3 ATTENTION: Remotely exploitable/Low skill level to exploit Vendor: Schneider Electric Equipment: Wonderware Historian Vulnerability: Credentials Management AFFECTED PRODUCTS The following Wonderware Historian versions are affected: Wonderware Historian 2014 R2 SP1 P01 and earlier...
Update Rollup 4 for System Center 2012 R2 Virtual Machine Manager
Update Rollup 4 for System Center 2012 R2 Virtual Machine Manager Introduction This article describes the issues that are fixed in Update Rollup 4 for Microsoft System Center 2012 R2 Virtual Machine Manager VMM. There are two updates available for System Center 2012 R2 Virtual Machine Manager. On...
Description of Update Rollup 5 for System Center 2012 R2 Data Protection Manager
Description of Update Rollup 5 for System Center 2012 R2 Data Protection Manager Introduction This article describes the issues that are fixed in Update Rollup 5 for Microsoft System Center 2012 R2 Data Protection Manager. Additionally, this article contains the installation instructions for Upda...