Lucene search

[email protected]CVE-2002-1123

HistorySep 24, 2002 - 4:00 a.m.

CVE-2002-1123

2002-09-2404:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

114

microsoft sql server

msde 2000

buffer overflow

remote code execution

cve-2002-1123

8.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.962 High

EPSS

Percentile

99.5%

JSON

Buffer overflow in the authentication function for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows remote attackers to execute arbitrary code via a long request to TCP port 1433, aka the “Hello” overflow.

CPENameOperatorVersion
microsoft:sql_servermicrosoft sql servereq2000
microsoft:data_enginemicrosoft data engineeq2000

CPE	Name	Operator	Version
microsoft:sql_server	microsoft sql server	eq	2000
microsoft:data_engine	microsoft data engine	eq	2000

References

marc.info/?l=bugtraq&m=102873609025020&w=2

online.securityfocus.com/archive/1/286220

www.ciac.org/ciac/bulletins/n-003.shtml

www.iss.net/security_center/static/9788.php

www.securityfocus.com/bid/5411

docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-056

8.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.962 High

EPSS

Percentile

99.5%

JSON

Related for CVE-2002-1123

checkpoint_advisories3 canvas2 saint4 openvas2 nessus1 packetstorm1 cvelist1