Plugins: Databases

IBM solidDB Stored Procedure Call Remote Denial of Service

MySQL 5.6.x < 5.6.11 Multiple Vulnerabilities

MySQL 5.5 < 5.5.31 Multiple Vulnerabilities

MySQL 5.1 < 5.1.69 Multiple Vulnerabilities

Oracle Database, April 2013 Critical Patch Update

MongoDB Web Interface Detection

PostgreSQL 9.1 < 9.1.9 / 9.2 < 9.2.4 Denial of Service

PostgreSQL 8.4 < 8.4.17 / 9.0 < 9.0.13 / 9.1 < 9.1.9 / 9.2 < 9.2.4 Predictable Random Number Generator

PostgreSQL 9.0 < 9.0.13 / 9.1 < 9.1.9 / 9.2 < 9.2.4 File Deletion

PostgreSQL 8.4 < 8.4.17 / 9.0 < 9.0.13 / 9.1 < 9.1.9 / 9.2 < 9.2.4 Multiple Vulnerabilities

MySQL 5.5 < 5.5.30 yaSSL Buffer Overflow

MySQL 5.1 < 5.1.68 Multiple Vulnerabilities

MariaDB 5.5 < 5.5.30 Multiple Vulnerabilities

MariaDB 5.5 < 5.5.28 Multiple Vulnerabilities

MariaDB 5.5 < 5.5.29 Multiple Vulnerabilities

MariaDB 5.3 < 5.3.12 Multiple Vulnerabilities

MariaDB 5.2 < 5.2.14 Multiple Vulnerabilities

MariaDB 5.1 < 5.1.67 Multiple Vulnerabilities

Microsoft SQL Server Unsupported Version Detection

PostgreSQL 8.3 < 8.3.23 / 8.4 < 8.4.16 / 9.0 < 9.0.12 / 9.1 < 9.1.8 / 9.2 < 9.2.3 Denial of Service

MySQL Binary Log SQL Injection

MariaDB Binary Log SQL Injection

MySQL Protocol Remote User Enumeration

Apache CouchDB < 1.0.4 / 1.1.2 / 1.2.1 Multiple Vulnerabilities

Oracle Database, January 2013 Critical Patch Update

MySQL 5.5 < 5.5.29 Multiple Vulnerabilities

MySQL 5.1 < 5.1.67 Multiple Vulnerabilities

PostgreSQL 8.3 < 8.3.18 Multiple Vulnerabilities

PostgreSQL 8.3 < 8.3.20 / 8.4 < 8.4.13 / 9.0 < 9.0.9 / 9.1 < 9.1.5 Multiple Vulnerabilities

PostgreSQL 8.3 < 8.3.19 / 8.4 < 8.4.12 / 9.0 < 9.0.8 / 9.1 < 9.1.4 Multiple Vulnerabilities

PostgreSQL 8.4 < 8.4.11 / 9.0 < 9.0.7 / 9.1 < 9.1.3 Multiple Vulnerabilities

PostgreSQL 8.2 < 8.2.20 / 8.3 < 8.3.14 / 8.4 < 8.4.7 / 9.0 < 9.0.3 Buffer Overflow Vulnerability

PostgreSQL 7.4 < 7.4.30 / 8.0 < 8.0.26 / 8.1 < 8.1.22 / 8.2 < 8.2.18 / 8.3 < 8.3.12 / 8.4 < 8.4.5 / 9.0 < 9.0.1

PostgreSQL 7.4 < 7.4.29 / 8.0 < 8.0.25 / 8.1 < 8.1.21 / 8.2 < 8.2.17 / 8.3 < 8.3.11 / 8.4 < 8.4.4 Multiple Vulnerabilities

PostgreSQL 7.4 < 7.4.27 / 8.0 < 8.0.23 / 8.1 < 8.1.19 / 8.2 < 8.2.15 / 8.3 < 8.3.9 / 8.4 < 8.4.2 Multiple Vulnerabilities

PostgreSQL Unsupported

PostgreSQL Version Detection

MariaDB 5.5 < 5.5.28a Buffer Overflow

MariaDB 5.3 < 5.3.11 Buffer Overflow

MariaDB 5.2 < 5.2.13 Buffer Overflow

MariaDB 5.1 < 5.1.66 Buffer Overflow

MySQL 5.0.95 MyISAM Table Symbolic Link Local Restriction Bypass

DB2 9.7 < Fix Pack 7 Multiple Vulnerabilities

Oracle Database, October 2012 Critical Patch Update

MySQL 5.5 < 5.5.28 Multiple Vulnerabilities

MySQL 5.5 < 5.5.27 Multiple Vulnerabilities

MySQL 5.5 < 5.5.26 Multiple Vulnerabilities

MySQL 5.1 < 5.1.66 Multiple Vulnerabilities

MySQL 5.1 < 5.1.65 Multiple Vulnerabilities

MySQL 5.1 < 5.1.64 Multiple Vulnerabilities

DB2 9.5 < Fix Pack 10 Multiple Vulnerabilities

DB2 10.1 < Fix Pack 1 Multiple Vulnerabilities

MySQL Default Account Credentials

MySQL Authentication Protocol Token Comparison Casting Failure Password Bypass

DB2 9.1 < Fix Pack 12 Multiple Vulnerabilities

Oracle Database, July 2012 Critical Patch Update

MySQL 5.5 < 5.5.23 Unspecified Vulnerability

DB2 9.8 < Fix Pack 5 Multiple Vulnerabilities

DB2 9.7 < Fix Pack 6 Multiple Vulnerabilities

DB2 9.1 < Fix Pack 11 Multiple Denial of Service Vulnerabilities

Rocket U2 UniData < 7.3 unidata72 RPC Interface Call Parsing Arbitrary Command Execution

MySQL 5.5 < 5.5.24 Security Bypass Vulnerability

MySQL 5.1 < 5.1.63 Multiple Vulnerabilities

MySQL 5.1 < 5.1.62 Multiple Denial of Service Vulnerabilities

Oracle Database, April 2012 Critical Patch Update

MySQL 5.5 < 5.5.22 Multiple Vulnerabilities

DB2 9.5 < Fix Pack 9 Multiple Vulnerabilities

IBM solidDB 6.5 < 6.5.0.8 Interim Fix 6 Redundant WHERE Clause Select Statement Parsing Remote DoS

IBM solidDB 6.5 < 6.5.0.8 Multiple Denial of Service Vulnerabilities

IBM solidDB < 7.0 Fix Pack 1 / 6.5.0.8 Interim Fix 5 Denial of Service

MySQL 5.5 < 5.5.20 Multiple Vulnerabilities

MySQL 5.1 < 5.1.61 Multiple Vulnerabilities

MySQL 5.0 < 5.0.95 Multiple Vulnerabilities

Oracle Database, January 2012 Critical Patch Update

MySQL Unsupported Version Detection

DB2 9.7 < Fix Pack 5 Multiple Denial of Service Vulnerabilities

Oracle Database, October 2011 Critical Patch Update

Oracle Database, October 2009 Critical Patch Update

Oracle Database, July 2009 Critical Patch Update

Oracle Database, April 2009 Critical Patch Update

Oracle Database, January 2009 Critical Patch Update

Oracle Database, October 2008 Critical Patch Update

Oracle Database, July 2008 Critical Patch Update

Oracle Database, April 2008 Critical Patch Update

Oracle Database, January 2008 Critical Patch Update

Oracle Database, October 2007 Critical Patch Update

Oracle Database, July 2007 Critical Patch Update

Oracle Database, April 2007 Critical Patch Update

Oracle Database, January 2007 Critical Patch Update

Oracle Database, October 2006 Critical Patch Update

Oracle Database, July 2006 Critical Patch Update

Oracle Database, April 2006 Critical Patch Update

Oracle Database, January 2006 Critical Patch Update

Oracle Database, October 2005 Critical Patch Update

Oracle Database Unsupported

DB2 Unsupported Version Detection

Oracle Database, July 2011 Critical Patch Update

Oracle Database, April 2011 Critical Patch Update

IBM solidDB Detection (local check)

DB2 9.7 < Fix Pack 4 Multiple Vulnerabilities

IBM solidDB Password Hash Length Authentication Bypass

Apache Derby 'BUILTIN' Authentication Insecure Password Hashing

Apache CouchDB < 1.0.2 Futon Admin Interface XSS

Apache CouchDB Detection

DB2 9.5 < Fix Pack 7 Multiple Vulnerabilities

DB2 9.1 < Fix Pack 10 Multiple Vulnerabilities

Rocket Software UniRPC Service Packet Header Remote Overflow (uncredentialed check)

Oracle Database, January 2011 Critical Patch Update

Oracle Database, October 2010 Critical Patch Update

MySQL Community Server 5.1 < 5.1.52 Multiple Vulnerabilities

DB2 9.7 < Fix Pack 3 Multiple Vulnerabilities

MySQL Community Server < 5.1.51 Multiple Vulnerabilities

DB2 9.5 < Fix Pack 6a Multiple Vulnerabilities

MySQL Community Server < 5.1.49 Multiple Vulnerabilities

Apache CouchDB < 0.11.2 Futon admin interface Cross-Site Request Forgery

Oracle Database, July 2010 Critical Patch Update

MySQL Community Server < 5.1.48 Denial of Service

DB2 9.7 < Fix Pack 2 Multiple Vulnerabilities

MySQL Community Server < 5.1.47 / 5.0.91 Multiple Vulnerabilities

MySQL Community Server 5.1 < 5.1.46 Multiple Vulnerabilities

DB2 9.1 < Fix Pack 9 Multiple Vulnerabilities

Oracle Database, April 2010 Critical Patch Update

Oracle Database, January 2010 Critical Patch Update

Oracle RDBMS Host Name and Patch Info

Apache CouchDB < 0.11.0 Hash Verification Information Leak

Apache CouchDB Unauthenticated Administrative Access

DB2 9.5 < Fix Pack 5 Unspecified Vulnerabilities

MySQL 5.1 < 5.1.41 Multiple Vulnerabilities

MySQL 5.0 < 5.0.88 Multiple Vulnerabilities

IBM solidDB < 6.30.0.37 Invalid Error Code DoS

DB2 9.1 < Fix Pack 8 Multiple Vulnerabilities

PostgreSQL LDAP Anonymous Bind Authentication Bypass

DB2 8.1 < Fix Pack 18 Multiple Vulnerabilities

DB2 < 9.5 Fix Pack 4 Multiple Vulnerabilities

DB2 9.1 < Fix Pack 7 Multiple Vulnerabilities

MySQL 6.0 < 6.0.10 XPath Expression DoS

MySQL 5.1 < 5.1.32 XPath Expression DoS

MySQL Enterprise Server 5.0 < 5.0.70 Privilege Bypass

DB2 9.1 < Fix Pack 6 Multiple Vulnerabilities

DB2 8 < Fix Pack 17 Multiple Vulnerabilities

MySQL Enterprise Server 5.0 < 5.0.66 Empty Bit-String Literal Token SQL Statement DoS

MySQL 6.0 < 6.0.6 Empty Bit-String Literal Token SQL Statement DoS

MySQL 5.1 < 5.1.26 Empty Bit-String Literal Token SQL Statement DoS

MySQL Community Server 5.0 < 5.0.67 Multiple Vulnerabilities

DB2 9.5 < Fix Pack 2 Multiple Vulnerabilities

Default Password (db2admin) for 'db2admin' Account on Windows

DB2 < 9.5 Fix Pack 1 Multiple Vulnerabilities

Openlink Virtuoso Server Default Credentials

DB2 < 9 Fix Pack 5 Multiple Vulnerabilities

Oracle Application Server Portal 10g Authentication Bypass

Firebird on Gentoo Linux /etc/conf.d/firebird Invocation ISC_PASSWORD Authentication Bypass

Firebird Default Credentials

SAP MaxDB Multiple Vulnerabilities

MySQL Enterprise Server 5.0 < 5.0.60 MyISAM CREATE TABLE Privilege Check Bypass

MySQL 4.1 < 4.1.24 MyISAM Create Table Privilege Check Bypass

MobiLink Server < 10.0.1 build 3649 mlsrv10.exe Multiple Remote Overflows

solidDB Default Credentials

solidDB Detection

DB2 < 8.1 FixPak 16 Multiple Vulnerabilities

SAP DB / MaxDB Cons Program Arbitrary Command Execution

MySQL Enterprise Server 5.0 < 5.0.52 Multiple Vulnerabilities

MySQL Community Server < 5.1.23 / 6.0.4 Multiple Vulnerabilities

MySQL Community Server 5.0 < 5.0.51 RENAME TABLE Symlink System Table Overwrite

DB2 < 9 Fix Pack 4 Multiple Vulnerabilities

Oracle Listener Program Logging Privilege Escalation (1361722)

Sybase ASA Default Database Password

Sybase ASA Client Connection Broadcast Remote Information Disclosure

DB2 < 9 Fix Pack 3 / 8 FixPak 15 Multiple Vulnerabilities

MySQL Community Server 5.0 < 5.0.45 Multiple Vulnerabilities

Firebird DataBase Server fbserver.exe p_cnct_count Value Remote Overflow

MySQL 5.1 < 5.1.18 Multiple Vulnerabilities

MySQL Crafted IF Clause Divide-by-zero NULL Dereference DoS

MySQL Single Row Subselect Remote DoS

DB2 < 9 Fix Pack 2 Multiple Vulnerabilities

DB2 < 8.1 FixPak 14 Multiple Vulnerabilities

DB2 < 8.1 FixPak 13 CONNECT Processing Unspecified DoS

DB2 < 8.1 FixPak 12 EXCSAT Long MGRLVLLS Message Remote DoS

HSQLDB Server Default Credentials

DB2 JDBC Applet Server Detection

DB2 Interrupt Port Detection

DB2 Connection Port Detection

Oracle Default Accounts

Oracle Default SID

DB2 Discovery Service Detection

DB2 Administration Server Detection

MySQL Anonymous Login Handshake Remote Information Disclosure

MySQL < 4.0.25 / 4.1.13 / 5.0.7 Multiple Vulnerabilies

Oracle Database 9i/10g Fine Grained Auditing (FGA) SELECT Statement Logging Weakness

Oracle 10g DBMS_SCHEDULER Privilege Escalation

PostgreSQL < 8.0.3 Multiple Vulnerabilities

Oracle Application Server Webcache Requests OHS mod_access Restriction Bypass

Oracle Application Server 9i Webcache < 9.0.4.0 Multiple Vulnerabilities

Oracle Database 10g Multiple Remote Vulnerabilities

MySQL < 3.23.50 / 4.0.24 / 4.1.6 / 5.0.3 Insecure Temporary File Creation

MySQL < 6.0.9-alpha / 5.5.3 Access Control Weakness

MySQL < 5.5.6 Multiple Denial of Service

MySQL < 5.0.90 / 5.1.43 / 5.5.0-m2 Multiple Buffer Overflows

MySQL < 5.0.92 Multiple Denial of Service

MySQL < 5.0.54 / 5.1.23 / 6.0.4 Denial of Service

MySQL 5.0 < 5.0.40 Multiple Vulnerabilities

MySQL < 5.0.23 / 5.1.12 Denial of Service

MySQL 5.0.18 Information Leak

MySQL < 4.1.23 / 5.0.42 Access Control Vulnerability

MySQL < 4.1.13a / 5.0.11 Zlib Library Buffer Overflow

MySQL < 4.1.13a / 5.0.10 Zlib Library Buffer Overflow

MySQL < 4.1.13 / 5.0.8 DOS Device Name Denial of Service Vulnerabilities

MySQL < 4.1.13 Denial of Service

MySQL Weak Hash Algorithm

MySQL < 4.0.20 File Overwrite

MySQL < 4.0.14 libmysqlclient Buffer Overflow

MySQL 3.20.32 - 3.23.52 Weak Default Configuration

MySQL < 3.23.56 Writable Configuration Files

MySQL < 3.23.50 / 4.0.2 Local Code Execution

MySQL < 3.23.33 Multiple Buffer Overflows

MySQL < 3.23.31 Buffer Overflow

MySQL 3.x Password Disclosure

MySQL < 3.22 Readable Logs

yaSSL 1.7.5 Buffer Overflow

MySQL < 5.0.51a / 5.1.23 / 6.0.4 Denial of Service

MySQL < 5.0.88 / 5.1.42 / 5.5.0 / 6.0.14 MyISAM CREATE TABLE Privilege Check Bypass

MySQL < 5.0.89 / 5.1.42 / 5.4.2 / 5.5.1 / 6.0.14 Client Cross-Site Scripting

MySQL < 4.1.18 / 5.0.19 / 5.1.6 Denial of Service

MySQL < 5.0.32 / 5.1.14 Denial of Service

MySQL < 5.0.25 / 5.1.12 Privilege Escalation

MySQL < 4.1.21 / 5.0.25 / 5.1.12 Access Control

MySQL < 4.1.20 / 5.0.22 / 5.1.11 SQL Injection

MySQL < 4.1.12 / 5.0.4 Insecure Permissions

MySQL < 5.0.83 Denial of Service

MySQL < 5.0.36 Denial of Service

MySQL < 4.1.21 / 5.0.24 Privilege Persistence

MySQL < 5.0.22 / 5.1.10 Authentication Bypass

MySQL < 4.1.21 / 5.0 Denial of Service

MySQL < 4.1.2 Insecure Temporary File Creation

MySQL User-Defined Functions Multiple Vulnerabilities

MySQL < 4.0.27 / 4.1.19 / 5.0.21 Multiple Vulnerabilities

MySQL 4.1 < 4.1.3 Multiple Vulnerabilities

MySQL Zero-length Scrambled String Crafted Packet Authentication Bypass

Oracle 8i/9i Database Server UTL_FILE Traversal Arbitrary File Manipulation

Oracle Reports Server test.jsp Multiple Parameter XSS

Oracle Enterprise Manager Web Console Detection

MySQL < 4.0.24 / 4.1.10a Multiple Vulnerabilities

Sybase Adaptive Server Enterprise < 12.5.4.0 Multiple Vulnerabilities

Sybase SQL sa Account Blank Password

PostgreSQL < 7.2.7 / 7.3.9 / 7.4.7 / 8.0.1 Multiple Vulnerabilities

Oracle Database Multiple Vulnerabilities (CPU Jan 2005)

DB2 < 8 Fix Pack 7a Multiple Vulnerabilities

MySQL < 4.0.21 Multiple Vulnerabilities

MySQL < 3.23.59 / 4.0.21 Multiple Vulnerabilities

PostgreSQL make_oidjoins_check Arbitrary File Overwrite

MySQL libmysqlclient Prepared Statements API Overflow

Oracle Database Multiple Remote Vulnerabilities (Mar 2005)

MySQL < 4.0.21 mysqlhotcopy Insecure Temporary File Creation

MySQL < 4.0.21 mysql_real_connect() Function Remote Overflow

Firebird DB Remote Database Name Overflow

Oracle Application Server Web Cache <= 9.0.4.0 Multiple Vulnerabilities

Oracle Multiple Products SOAP Message Crafted DTD Remote DoS

Oracle Database 9i Multiple Functions Local Overflow

Oracle 9iAS Multiple Portal Component SQL Injection

PostgreSQL to_ascii() Function Remote Overflows

DB2 Discovery Service Malformed UDP Packet Remote DoS

Microsoft SQL Server < 7 Local Privilege Escalation

MySQL sql_acl.cc get_salt_from_password Function Password Handling Remote Overflow

DBTools DBManager catalog.mdb Cleartext Local Credential Disclosure

Oracle Net Services CREATE DATABASE LINK Query Overflow

PostgreSQL < 7.2.3 Multiple Vulnerabilities

Oracle 9iAS PL/SQL Gateway Web Admin Interface Null Authentication

MySQL datadir/my.cnf Modification Privilege Escalation

MySQL < 3.23.55 mysql_change_user() Double-free Memory Pointer DoS

Oracle 9iAS Default SOAP Configuration Unauthorized Application Deployment

Oracle 9iAS Nonexistent .jsp File Request Error Message Path Disclosure

Oracle 9iAS OWA_UTIL Stored Procedures Information Disclosure

Oracle 9iAS XSQLServlet soapConfig.xml Authentication Credentials Disclosure

Oracle 9iAS soapdocs Directory Remote Information Disclosure

Microsoft SQL Server Detection (credentialed check)

MS02-061: Microsoft SQL Server Multiple Vulnerabilities (uncredentialed check)

MySQL < 3.23.54 / 4.0.6 Multiple Vulnerabilities

Oracle Application Server Web Cache HTTP Request Overflow

Oracle Web Cache Admin Module Multiple GET Request Method DoS

Microsoft SQL Server Authentication Function Remote Overflow

Oracle JSP Apache/Jserv Path Translation Arbitrary JSP File Execution

DB2 Multiple CGI Single Byte Request Remote DoS

Microsoft SQL Server Default Credentials

Oracle Application Server XSQLServlet XSQLConfig.xml Information Disclosure

Oracle 9iAS mod_plsql Encoded Traversal Arbitrary File Access

Oracle 9iAS _pages Directory Compiled JSP Source Disclosure

Oracle 9iAS Java Process Manager /oprocmgr-status Anonymous Process Manipulation

Oracle 9iAS globals.jsa Database Credential Remote Disclosure

Oracle 9iAS mod_plsql DAD Admin Interface Access

Oracle 9iAS DMS / JPM Pages Anonymous Access

Oracle 9iAS mod_plsql Help Page Request Remote Overflow

Oracle Application Server Web Cache Multiple Remote DoS

MySQL Server Detection

Microsoft SQL Server UDP Query Remote Version Disclosure

Microsoft SQL Server sa Account Default Blank Password

Oracle Database Listener Program (tnslsnr) Service Blank Password

Oracle Database tnslsnr Service Remote Version Disclosure

Oracle Application Server ndwfn4.so HTTP Request Remote Overflow

MySQL < 3.23.36 Multiple Vulnerabilities

Oracle XSQL query.xsql sql Parameter SQL Injection

Oracle Application Server XSQL Stylesheet Arbitrary Java Code Execution

PostgreSQL Default Unpassworded Account

MySQL Unpassworded Account Check

MySQL Short Check String Authentication Bypass

Oracle Webserver PL/SQL Stored Procedure GET Request DoS

MS99-059: Microsoft SQL Server Crafted TCP Packet Remote DoS (uncredentialed check)

Products

Nessus Family of Products

Unified Security Monitoring Platform

Solutions

Compliance

Industry

Technology

Partners

Nessus Partners

Enterprise Partners

Distribution Partners

Resources

Support

Training & Certification

Downloads

About

News

Plugins: Databases