Showing 1 - 1 of 1

CVE-2000-1209

Status Candidate

Overview

The "sa" account is installed with a default null password on (1) Microsoft SQL Server 2000, (2) SQL Server 7.0, and (3) Data Engine (MSDE) 1.0, including third party packages that use these products such as (4) Tumbleweed Secure Mail (MMS) (5) Compaq Insight Manager, and (6) Visio 2000, which allows remote attackers to gain privileges, as exploited by worms such as Voyager Alpha Force and Spida.

Related Files

Microsoft SQL Server Payload Execution via SQL injection: Posted Jan 29, 2011; Authored by Rodrigo Marcos, David Kennedy, jduck | Site metasploit.com; This Metasploit module will execute an arbitrary payload on a Microsoft SQL Server, using a SQL injection vulnerability. Once a vulnerability is identified this module will use xp_cmdshell to upload and execute Metasploit payloads. It is necessary to specify the exact point where the SQL injection vulnerability happens.; tags | exploit, arbitrary, sql injection; advisories | CVE-2000-0402, CVE-2000-1209, OSVDB-15757; SHA-256 | 5c71a8e0d959c8b1f43ce27c1cfb87641e1abf71b42047e2636fd0256601f31a; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 270 files
Ubuntu 54 files
Gentoo 33 files
Debian 26 files
Ahmet Umit Bayram 10 files
Apple 9 files
malvuln 7 files
Jann Horn 5 files
Google Security Research 5 files
nu11secur1ty 4 files

File Archives

Systems

AIX (429)
Apple (2,088)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,051)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,500)
HPUX (880)
iOS (375)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,873)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,976)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,535)
UNIX (9,409)
UnixWare (187)
Windows (6,660)
Other

CVE-2000-1209

Overview

Related Files

File Archive:

June 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems