Bugtraq mailing list archives
MS SQL Server Hello Overflow NASL script
From: Dave Aitel <dave () immunitysec com>
Date: 07 Aug 2002 11:10:19 -0400
Since people seem unable to type: export LD_LIBRARY_PATH=. ; ./generic_send_tcp target 1433 audits/MSSQL/mssql.spk; I've attached a NASL script that will also demonstrate the vulnerability. It even has the correct ID number and will soon be available from the Nessus homepage as well, for those of you who do a daily auto-update. I'm not, however, planning to release NASL scripts for the Exchange 2000 vulnerabilities, nor do I plan to release a working exploit for the SQL Server vulnerability (except to Immunity, Inc. larger customers, who have access to all of Immunity's ongoing research.) Dave Aitel Immunity, Inc. http://www.immunitysec.com/
Attachment:
mssql_hello_overflow.nasl
Description:
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- MS SQL Server Hello Overflow NASL script Dave Aitel (Aug 07)