Summary
Detail | |||
---|---|---|---|
Vendor | Microsoft | First view | 1998-06-29 |
Product | Sql Server | Last view | 2023-10-10 |
Version | 2005 | Type | |
Update | sp3 | ||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
5.5 | 2023-10-10 | CVE-2023-36728 | Microsoft SQL Server Denial of Service Vulnerability |
7.3 | 2023-04-11 | CVE-2023-23384 | Microsoft SQL Server Remote Code Execution Vulnerability |
7.8 | 2023-02-14 | CVE-2023-21718 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
8.8 | 2023-02-14 | CVE-2023-21713 | Microsoft SQL Server Remote Code Execution Vulnerability |
8.8 | 2023-02-14 | CVE-2023-21705 | Microsoft SQL Server Remote Code Execution Vulnerability |
7.8 | 2023-02-14 | CVE-2023-21704 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
7.8 | 2023-02-14 | CVE-2023-21528 | Microsoft SQL Server Remote Code Execution Vulnerability |
7.5 | 2022-06-15 | CVE-2022-29143 | Microsoft SQL Server Remote Code Execution Vulnerability |
8.8 | 2021-01-12 | CVE-2021-1636 | Microsoft SQL Elevation of Privilege Vulnerability |
8.8 | 2020-02-11 | CVE-2020-0618 | A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability'. |
8.8 | 2019-07-15 | CVE-2019-1068 | A remote code execution vulnerability exists in Microsoft SQL Server when it incorrectly handles processing of internal functions, aka 'Microsoft SQL Server Remote Code Execution Vulnerability'. |
7.5 | 2017-08-08 | CVE-2017-8516 | Microsoft SQL Server Analysis Services in Microsoft SQL Server 2012, Microsoft SQL Server 2014, and Microsoft SQL Server 2016 allows an information disclosure vulnerability when it improperly enforces permissions, aka "Microsoft SQL Server Analysis Services Information Disclosure Vulnerability". |
8.8 | 2016-11-10 | CVE-2016-7254 | Microsoft SQL Server 2012 SP2 and 2012 SP3 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain privileges via unknown vectors, aka "SQL RDBMS Engine Elevation of Privilege Vulnerability." |
8.8 | 2016-11-10 | CVE-2016-7253 | The agent in Microsoft SQL Server 2012 SP2, 2012 SP3, 2014 SP1, 2014 SP2, and 2016 does not properly check the atxcore.dll ACL, which allows remote authenticated users to gain privileges via unspecified vectors, aka "SQL Server Agent Elevation of Privilege Vulnerability." |
8.8 | 2016-11-10 | CVE-2016-7250 | Microsoft SQL Server 2014 SP1, 2014 SP2, and 2016 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain privileges via unknown vectors, aka "SQL RDBMS Engine Elevation of Privilege Vulnerability." |
8.5 | 2015-07-14 | CVE-2015-1763 | Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014 does not prevent use of uninitialized memory in certain attempts to execute virtual functions, which allows remote authenticated users to execute arbitrary code via a crafted query, aka "SQL Server Remote Code Execution Vulnerability." |
7.1 | 2015-07-14 | CVE-2015-1762 | Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014, when transactional replication is configured, does not prevent use of uninitialized memory in unspecified function calls, which allows remote authenticated users to execute arbitrary code by leveraging certain permissions and making a crafted query, as demonstrated by the VIEW SERVER STATE permission, aka "SQL Server Remote Code Execution Vulnerability." |
6.5 | 2015-07-14 | CVE-2015-1761 | Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014 uses an incorrect class during casts of unspecified pointers, which allows remote authenticated users to gain privileges by leveraging certain write access, aka "SQL Server Elevation of Privilege Vulnerability." |
6.8 | 2014-08-12 | CVE-2014-4061 | Microsoft SQL Server 2008 SP3, 2008 R2 SP2, and 2012 SP1 does not properly control use of stack memory for processing of T-SQL batch commands, which allows remote authenticated users to cause a denial of service (daemon hang) via a crafted T-SQL statement, aka "Microsoft SQL Server Stack Overrun Vulnerability." |
4.3 | 2014-08-12 | CVE-2014-1820 | Cross-site scripting (XSS) vulnerability in Master Data Services (MDS) in Microsoft SQL Server 2012 SP1 and 2014 on 64-bit platforms allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "SQL Master Data Services XSS Vulnerability." |
4.3 | 2012-10-09 | CVE-2012-2552 | Cross-site scripting (XSS) vulnerability in the SQL Server Report Manager in Microsoft SQL Server 2000 Reporting Services SP2 and SQL Server 2005 SP4, 2008 SP2 and SP3, 2008 R2 SP1, and 2012 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka "Reflected XSS Vulnerability." |
4.3 | 2012-09-25 | CVE-2012-4015 | Cross-site scripting (XSS) vulnerability in the management screen in myLittleTools myLittleAdmin for SQL Server 2000 allows remote attackers to inject arbitrary web script or HTML via vectors that trigger a crafted database entry. |
8.8 | 2012-08-14 | CVE-2012-1856 | The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office 2003 SP3, Office 2003 Web Components SP3, Office 2007 SP2 and SP3, Office 2010 SP1, SQL Server 2000 SP4, SQL Server 2005 SP4, SQL Server 2008 SP2, SP3, R2, R2 SP1, and R2 SP2, Commerce Server 2002 SP4, Commerce Server 2007 SP2, Commerce Server 2009 Gold and R2, Host Integration Server 2004 SP1, Visual FoxPro 8.0 SP1, Visual FoxPro 9.0 SP2, and Visual Basic 6.0 Runtime allows remote attackers to execute arbitrary code via a crafted (1) document or (2) web page that triggers system-state corruption, aka "MSCOMCTL.OCX RCE Vulnerability." |
4.3 | 2011-06-16 | CVE-2011-1280 | The XML Editor in Microsoft InfoPath 2007 SP2 and 2010; SQL Server 2005 SP3 and SP4 and 2008 SP1, SP2, and R2; SQL Server Management Studio Express (SSMSE) 2005; and Visual Studio 2005 SP1, 2008 SP1, and 2010 does not properly handle external entities, which allows remote attackers to read arbitrary files via a crafted .disco (Web Service Discovery) file, aka "XML External Entities Resolution Vulnerability." |
9.3 | 2009-10-14 | CVE-2009-3126 | Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted PNG image file, aka "GDI+ PNG Integer Overflow Vulnerability." |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
26% (10) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
15% (6) | CWE-189 | Numeric Errors |
10% (4) | CWE-264 | Permissions, Privileges, and Access Controls |
7% (3) | CWE-200 | Information Exposure |
7% (3) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
5% (2) | CWE-399 | Resource Management Errors |
5% (2) | CWE-284 | Access Control (Authorization) Issues |
5% (2) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
5% (2) | CWE-20 | Improper Input Validation |
2% (1) | CWE-502 | Deserialization of Untrusted Data |
2% (1) | CWE-326 | Inadequate Encryption Strength |
2% (1) | CWE-89 | Improper Sanitization of Special Elements used in an SQL Command ('... |
2% (1) | CWE-74 | Failure to Sanitize Data into a Different Plane ('Injection') |
CAPEC : Common Attack Pattern Enumeration & Classification
id | Name |
---|---|
CAPEC-20 | Encryption Brute Forcing |
CAPEC-58 | Restful Privilege Elevation |
CAPEC-112 | Brute Force |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:231 | SQL Server Extended Stored Procedure Parameter Parsing |
oval:org.mitre.oval:def:71 | Privilege Escalation Using Cached Admin Connection |
oval:org.mitre.oval:def:82 | Microsoft RPC Denial of Service |
oval:org.mitre.oval:def:83 | Microsoft SQL Server 3-Function Buffer Overflow |
oval:org.mitre.oval:def:253 | SQL Server Format String Vulnerability |
oval:org.mitre.oval:def:271 | SQL Server OpenDataSource/OpenRowset Buffer Overflow |
oval:org.mitre.oval:def:121 | Microsoft SQL Server Extended Stored Procedure Buffer Overflow |
oval:org.mitre.oval:def:489 | Unchecked Buffer in SQLXML ISAPI Extension for Microsoft Data Access Componen... |
oval:org.mitre.oval:def:484 | Unchecked Buffer in SQLXML ISAPI Extension for Microsoft Data Access Componen... |
oval:org.mitre.oval:def:291 | Unchecked Buffer in Password Encryption Procedure |
oval:org.mitre.oval:def:316 | MS SQL Server Bulk Insert Procedure Buffer Overflow |
oval:org.mitre.oval:def:1025 | Incorrect Permission on SQL Server Service Account Registry Key |
oval:org.mitre.oval:def:1077 | MS SQL Server 2000 Resolution Service Buffer Overflow |
oval:org.mitre.oval:def:235 | SQL Server Named Pipe Hijacking |
oval:org.mitre.oval:def:299 | SQL Server Named Pipe Denial of Service |
oval:org.mitre.oval:def:303 | SQL Server LPC Port Buffer Overflow |
oval:org.mitre.oval:def:14213 | Memory Page Reuse Vulnerability in SQL Server |
oval:org.mitre.oval:def:14052 | Convert Buffer Overrun Vulnerability in SQL Server |
oval:org.mitre.oval:def:13785 | Buffer Overrun Vulnerability in SQL Server |
oval:org.mitre.oval:def:13936 | Memory Corruption Vulnerability in SQL Server |
oval:org.mitre.oval:def:6055 | GDI+ VML Buffer Overrun Vulnerability |
oval:org.mitre.oval:def:6040 | GDI+ EMF Memory Corruption Vulnerability |
oval:org.mitre.oval:def:5986 | GDI+ GIF Parsing Vulnerability |
oval:org.mitre.oval:def:6004 | GDI+ WMF Buffer Overrun Vulnerability |
oval:org.mitre.oval:def:5881 | GDI+ BMP Integer Overflow Vulnerability |
SAINT Exploits
Description | Link |
---|---|
Microsoft SQL Server Reporting Services 2016 ViewState deserialization vulnerability | More info here |
Microsoft SQL Server Distributed Management Objects buffer overflow | More info here |
Microsoft SQL Server Hello buffer overflow | More info here |
Microsoft SQL Server spreplwritetovarbin Buffer Overflow | More info here |
Microsoft SQL Server 2000 resolution service buffer overflow | More info here |
Microsoft Office Art Property Table Memory Corruption | More info here |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
72934 | Microsoft XML Editor External Entities Resolution Unspecified Information Dis... |
60004 | Microsoft SQL Server Multiple Stored Procedure Unprivileged Configuration Man... |
59636 | Microsoft SQL Server SQL Authentication Password Encryption Weakness |
58869 | Microsoft Office Malformed Object Handling Memory Corruption Arbitrary Code E... |
58868 | Microsoft Multiple Products GDI+ PNG Image Handling Integer Overflow |
58867 | Microsoft Multiple Products GDI+ .NET API Code Execution Privilege Escalation |
58866 | Microsoft Multiple Products GDI+ TIFF Image Handling Memory Corruption Arbitr... |
58865 | Microsoft Multiple Products GDI+ TIFF Image Handling Overflow |
58864 | Microsoft Multiple Products GDI+ PNG Image Handling Heap Overflow |
58863 | Microsoft Multiple Products GDI+ WMF Image Handling Overflow |
50589 | Microsoft SQL Server 2000 sp_replwritetovarbin() Stored Procedure Overflow |
48220 | Microsoft SQL Server SQLVDIRLib.SQLVDirControl ActiveX (Tools\Binn\sqlvdir.dl... |
47969 | Microsoft Multiple Products GDI+ BMP Integer Calculation Overflow |
47968 | Microsoft Multiple Products GDI+ WMF Image Handling Overflow |
47967 | Microsoft Multiple Products GDI+ GIF Image Handling Arbitrary Code Execution |
47966 | Microsoft Multiple Products GDI+ EMF File Handling Memory Corruption |
47965 | Microsoft Multiple Products GDI+ VML Gradient Size Handling Overflow |
46773 | Microsoft SQL Server Memory Page Reuse Information Disclosure |
46772 | Microsoft SQL Server Convert Function Overflow |
46771 | Microsoft SQL Server Stored Backup File Processing Memory Corruption Arbitrar... |
46770 | Microsoft SQL Server Crafted Insert Statement Overflow |
38399 | Microsoft SQL Server Enterprise Manager Distributed Management Objects OLE DL... |
13434 | Microsoft Windows Distributed Transaction Coordinator (DTC) Malformed Input DoS |
10379 | Microsoft SQL Server Large Query DoS |
10183 | Microsoft SQL Server xp_sprintf Function DoS |
ExploitDB Exploits
id | Description |
---|---|
21693 | Microsoft SQL Server 2000 User Authentication Remote Buffer Overflow Vulnerab... |
OpenVAS Exploits
id | Description |
---|---|
2012-10-10 | Name : Microsoft SQL Server Report Manager Cross Site Scripting Vulnerability (2754849) File : nvt/secpod_ms12-070.nasl |
2012-08-15 | Name : Microsoft Windows Common Controls Remote Code Execution Vulnerability (2720573) File : nvt/secpod_ms12-060.nasl |
2012-03-16 | Name : VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCe... File : nvt/gb_VMSA-2011-0003.nasl |
2011-06-21 | Name : Microsoft XML Editor Information Disclosure Vulnerability (2543893) File : nvt/secpod_ms11-049.nasl |
2011-01-18 | Name : Microsoft Products GDI Plus Remote Code Execution Vulnerabilities (954593) File : nvt/gb_ms08-052.nasl |
2009-10-21 | Name : Microsoft Products GDI Plus Code Execution Vulnerabilities (957488) File : nvt/secpod_ms09-062.nasl |
2008-12-16 | Name : Microsoft SQL Server sp_replwritetovarbin() BOF Vulnerability File : nvt/gb_mssql_sp_replwritetovarbin_bof_vuln.nasl |
2008-12-02 | Name : Microsoft SQL Server 2000 sqlvdir.dll ActiveX Buffer Overflow Vulnerability File : nvt/secpod_ms_sql_server_2000_activex_bof_vuln_900125.nasl |
2008-10-14 | Name : MS SQL Server Elevation of Privilege Vulnerabilities (941203) File : nvt/gb_ms08-040.nasl |
2006-03-26 | Name : Microsoft's SQL Version Query File : nvt/mssql_version.nasl |
2005-11-03 | Name : MSDTC denial of service by flooding with nul bytes File : nvt/msdtc_dos.nasl |
2005-11-03 | Name : Microsoft's SQL Hello Overflow File : nvt/mssql_hello_overflow.nasl |
2005-11-03 | Name : SMB Registry : SQL7 Patches File : nvt/smb_mssql7.nasl |
2005-11-03 | Name : XML Core Services patch (Q318203) File : nvt/smb_nt_ms02-008.nasl |
2005-11-03 | Name : Cumulative Patch for Internet Information Services (Q327696) File : nvt/smb_nt_ms02-018.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2015-A-0171 | Multiple Vulnerabilities in Microsoft SQL Server (MS15-058) Severity: Category II - VMSKEY: V0061125 |
2014-A-0126 | Multiple Vulnerabilities in Microsoft SQL Server Severity: Category II - VMSKEY: V0053801 |
2012-A-0160 | Microsoft SQL Server Cross-Site Scripting Vulnerability Severity: Category II - VMSKEY: V0034177 |
2012-A-0132 | Microsoft Windows Common Controls Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0033659 |
2011-B-0064 | Microsoft XML Editor Information Disclosure Vulnerability Severity: Category II - VMSKEY: V0028601 |
2011-A-0066 | Multiple Vulnerabilities in VMware Products Severity: Category I - VMSKEY: V0027158 |
2009-A-0099 | Multiple Vulnerabilities in Microsoft GDI+ Severity: Category I - VMSKEY: V0021759 |
2009-A-0012 | Microsoft SQL Server Remote Code Execution Vulnerability Severity: Category I - VMSKEY: V0018387 |
2008-T-0053 | WinZip gdiplus.dll Microsoft Module Unspecified Security Vulnerability Severity: Category II - VMSKEY: V0017532 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | xp_updatecolvbm vulnerable function attempt RuleID : 8540 - Type : SERVER-MSSQL - Revision : 8 |
2014-01-10 | xp_updatecolvbm unicode vulnerable function attempt RuleID : 8539 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_updatecolvbm unicode vulnerable function attempt RuleID : 8538 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_showcolv vulnerable function attempt RuleID : 8531 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_showcolv unicode vulnerable function attempt RuleID : 8530 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_showcolv unicode vulnerable function attempt RuleID : 8529 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_SetSQLSecurity vulnerable function attempt RuleID : 8528 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_SetSQLSecurity unicode vulnerable function attempt RuleID : 8527 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_SetSQLSecurity unicode vulnerable function attempt RuleID : 8526 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_proxiedmetadata vulnerable function attempt RuleID : 8525 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_proxiedmetadata unicode vulnerable function attempt RuleID : 8524 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_proxiedmetadata unicode vulnerable function attempt RuleID : 8523 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_printstatements vulnerable function attempt RuleID : 8522 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_printstatements unicode vulnerable function attempt RuleID : 8521 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_printstatements unicode vulnerable function attempt RuleID : 8520 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_peekqueue vulnerable function attempt RuleID : 8519 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_peekqueue unicode vulnerable function attempt RuleID : 8518 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_peekqueue unicode vulnerable function attempt RuleID : 8517 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_enumresultset vulnerable function attempt RuleID : 8504 - Type : SERVER-MSSQL - Revision : 8 |
2014-01-10 | xp_enumresultset unicode vulnerable function attempt RuleID : 8503 - Type : SERVER-MSSQL - Revision : 8 |
2014-01-10 | xp_enumresultset unicode vulnerable function attempt RuleID : 8502 - Type : SERVER-MSSQL - Revision : 8 |
2014-01-10 | xp_displayparamstmt vulnerable function attempt RuleID : 8501 - Type : SERVER-MSSQL - Revision : 8 |
2014-01-10 | xp_displayparamstmt unicode vulnerable function attempt RuleID : 8500 - Type : SERVER-MSSQL - Revision : 8 |
2014-01-10 | xp_displayparamstmt unicode vulnerable function attempt RuleID : 8499 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | formatmessage possible buffer overflow RuleID : 8495 - Type : SQL - Revision : 6 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2017-08-08 | Name: The remote SQL server is affected by an information disclosure vulnerability. File: smb_nt_ms17_aug_mssql.nasl - Type: ACT_GATHER_INFO |
2016-11-08 | Name: The remote SQL server is affected by multiple vulnerabilities. File: smb_nt_ms16-136.nasl - Type: ACT_GATHER_INFO |
2016-03-04 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_VMSA-2011-0003_remote.nasl - Type: ACT_GATHER_INFO |
2015-07-14 | Name: The remote SQL Server installation is affected by multiple vulnerabilities. File: smb_nt_ms15-058.nasl - Type: ACT_GATHER_INFO |
2015-07-14 | Name: The remote SQL Server installation is affected by multiple vulnerabilities. File: smb_kb3065718.nasl - Type: ACT_GATHER_INFO |
2014-08-12 | Name: A cross-site scripting vulnerability in SQL Server could allow an elevation o... File: smb_nt_ms14-044.nasl - Type: ACT_GATHER_INFO |
2014-08-12 | Name: A cross-site scripting vulnerability in SQL Server could allow an elevation o... File: smb_kb2984340.nasl - Type: ACT_GATHER_INFO |
2014-03-10 | Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r... File: smb_kb957488.nasl - Type: ACT_GATHER_INFO |
2014-03-10 | Name: An application on the remote Windows host has an information disclosure vulne... File: smb_kb2543893.nasl - Type: ACT_GATHER_INFO |
2012-10-10 | Name: A cross-site scripting vulnerability in SQL Server could allow elevation of p... File: smb_kb2754849.nasl - Type: ACT_GATHER_INFO |
2012-10-10 | Name: A cross-site scripting vulnerability in SQL Server could allow elevation of p... File: smb_nt_ms12-070.nasl - Type: ACT_GATHER_INFO |
2012-08-15 | Name: The remote Windows host has a code execution vulnerability. File: smb_nt_ms12-060.nasl - Type: ACT_GATHER_INFO |
2011-06-15 | Name: An application on the remote Windows host has an information disclosure vulne... File: smb_nt_ms11-049.nasl - Type: ACT_GATHER_INFO |
2011-02-14 | Name: The remote VMware ESXi / ESX host is missing one or more security-related pat... File: vmware_VMSA-2011-0003.nasl - Type: ACT_GATHER_INFO |
2009-10-15 | Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r... File: smb_nt_ms09-062.nasl - Type: ACT_GATHER_INFO |
2009-02-11 | Name: A database application installed on the remote host is affected by a remote c... File: smb_kb959420.nasl - Type: ACT_GATHER_INFO |
2009-02-11 | Name: Arbitrary code can be executed on the remote host through Microsoft SQL Server. File: smb_nt_ms09-004.nasl - Type: ACT_GATHER_INFO |
2008-09-29 | Name: The remote SQL server is affected by multiple vulnerabilities. File: smb_kb941203.nasl - Type: ACT_GATHER_INFO |
2008-09-10 | Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r... File: smb_nt_ms08-052.nasl - Type: ACT_GATHER_INFO |
2008-07-08 | Name: The remote Microsoft SQL Server install is vulnerable to memory corruption fl... File: smb_nt_ms08-040.nasl - Type: ACT_GATHER_INFO |
2003-10-08 | Name: The remote SQL Server is affected by a local privilege escalation vulnerability. File: mssql_lte_7.nasl - Type: ACT_GATHER_INFO |
2003-07-24 | Name: Arbitrary code can be executed on the remote host through the SQL service. File: smb_nt_ms03-031.nasl - Type: ACT_GATHER_INFO |
2003-03-09 | Name: The remote SQL server is vulnerable to an information disclosure attack. File: smb_nt_ms00-035.nasl - Type: ACT_GATHER_INFO |
2003-03-06 | Name: It may be possible to get the remote SQL Server's administrator password. File: smb_nt_ms02-035.nasl - Type: ACT_GATHER_INFO |
2003-03-02 | Name: Arbitrary code can be executed on the remote host through Microsoft SQL server. File: smb_nt_ms02-030.nasl - Type: ACT_GATHER_INFO |