SHARE
CORE IMPACT v10 - Exploits Update (Thu Mar 18 2010)
Microsoft SQL Server sp_replwritetovarbin Remote Heap Overflow Exploit Update
Exploits/Remote [Windows]
• Thu Mar 18 2010
This module exploits a heap-based buffer overflow in the Microsoft SQL Server by sending a specially crafted SQL query. This update adds support for executestatement() functionality within the WebApps vector. It has two uses: One as a Remote Exploit which needs authentication, and another as an SQL Injection Agent installer module, which needs an SQL Agent as a target.
Exploits Vulnerabiltiy: CVE-2008-5416