The document warns to secure the Global Manager server module by blocking it and setting strict IP restrictions to prevent connections from untrustworthy addresses. It notes the module is vulnerable to SQL injections and buffer overflows, and provides a proof of concept attack where typing a shutdown command in the username field can cause the MSSQL server to stop responding.
Please take care of your Global Manager server module.
You should also block it and set strict IP restrictions for it. Don't allow any untrusted GM IP addresses to connect to it. It is vulnerable to SQL injection (and also to several buffer overflows).
PoC: get SMC, set the IP address in ServiceManager.cfg to the target server's IP address and Global Manager port, type "' shutdown -- " (without the double quotes) into the username field (or any other), and try connecting. The MSSQL server will stop responding after this query.
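The two mitigations named above (an address allowlist in front of the module, and fields that never reach the SQL parser as code) can be sketched as follows. This is an added example, not code from the product or the original post: `sqlite3` stands in for MSSQL, and the `accounts` table, the function names and the documentation-range addresses are constructed for illustration.

```python
import ipaddress
import sqlite3

# Constructed sample values: documentation-range networks standing in for trusted GM hosts.
TRUSTED_GM_NETS = [ipaddress.ip_network("192.0.2.10/32"),
                   ipaddress.ip_network("198.51.100.0/28")]

def peer_allowed(peer_ip):
    """Accept only peers whose address lies inside a trusted network."""
    try:
        addr = ipaddress.ip_address(peer_ip)
    except ValueError:
        return False  # malformed address: treat as untrusted
    return any(addr in net for net in TRUSTED_GM_NETS)

def make_db():
    """In-memory stand-in for the account database (hypothetical schema)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (id INTEGER PRIMARY KEY, username TEXT UNIQUE)")
    db.execute("INSERT INTO accounts (username) VALUES (?)", ("gm_admin",))
    return db

def unsafe_statement(username):
    """The flawed pattern: the field is pasted into the SQL text."""
    return "SELECT id FROM accounts WHERE username = '" + username + "'"

def breaks_out_of_literal(db, username):
    """True when the concatenated statement fails to parse, i.e. the field's
    quote ended the string literal and the rest was read as SQL."""
    try:
        db.execute(unsafe_statement(username)).fetchall()
        return False
    except sqlite3.OperationalError:
        return True

def lookup_account(db, peer_ip, username):
    """Hardened path: allowlist the peer, then bind the field as a parameter."""
    if not peer_allowed(peer_ip):
        raise PermissionError("peer %s is not a trusted GM address" % peer_ip)
    row = db.execute("SELECT id FROM accounts WHERE username = ?",
                     (username,)).fetchone()
    return row[0] if row else None

if __name__ == "__main__":
    db = make_db()
    field = "' shutdown -- "                           # the username field value from the text
    print(unsafe_statement(field))                     # quote closes the literal early
    print(breaks_out_of_literal(db, field))            # concatenation: parsed as SQL
    print(lookup_account(db, "192.0.2.10", field))     # bound: just a name with no match
```

With the bound parameter the field is compared as a literal string, so the same input simply matches no account; the allowlist check limits who can submit fields to the module at all.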