header-logo
Suggest Exploit
vendor:
Log Explorer
by:
SecurityFocus
7.5
CVSS
HIGH
Buffer Overflow
120
CWE
Product Name: Log Explorer
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Buffer Overflow Vulnerability in xp_logattach.dll

A buffer overflow vulnerability in xp_logattach.dll has been reported for Lumigent Log Explorer. Specifically, this affects the xp_logattach_setport stored procedure. If this condition is successfully exploited, it is possible for locations in memory to be overwritten with attacker-supplied instructions, allowing for code execution as the SQL server process. By default, SQL Server runs as a non-privileged user. It should be noted that extended stored procedures can be run only by the dbo user by default.

Mitigation:

Ensure that the dbo user is not allowed to run extended stored procedures.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/5017/info

A buffer overflow vulnerability in xp_logattach.dll has been reported for Lumigent Log Explorer. Specifically, this affects the xp_logattach_setport stored procedure.

If this condition is successfully exploited, it is possible for locations in memory to be overwritten with attacker-supplied instructions, allowing for code execution as the SQL server process. By default, SQL Server runs as a non-privileged user.

It should be noted that extended stored procedures can be run only by the dbo user by default. 

declare @bo varchar(8000)
set @bo = replicate('A', 800)
exec xp_logattach_setport @bo

Navigation

Suggest Exploit

Services By CQR