4529 matches found
Microsoft Data Access Components ODBC Buffer Overflow Vulnerability
Description A buffer overflow vulnerability exists in Microsoft Data Access Components that may allow an attacker to run arbitrary code on a client machine. This vulnerability is exposed when a client or a SQL Server implementing the SQL-DMO library, sends a broadcast request for Microsoft SQL...
CVE-2003-0496
Microsoft SQL Server before Windows 2000 SP4 allows local users to gain privileges as the SQL Server user by calling the xpfileexist extended stored procedure with a named pipe as an argument instead of a normal file...
VulnCheck KEV: CVE-2002-0649
Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 MSDE allow remote attackers to cause a denial of service or execute arbitrary code via UDP packets to port 1434 in which 1 a 0x04 byte that causes the SQL Monitor thread to...
Microsoft SQL Server becomes unresponsive when large packet is sent to specific named pipe
Overview A vulnerability in Microsoft SQL Server may allow a local attacker to cause a denial of service. An exploit for this vulnerability is publicly available. Description Microsoft describes SQL Server as, "a fully enterprise-class database product, providing core support for Extensible Marku...
CVE-2003-0231
Microsoft SQL Server 7, 2000, and MSDE allows local or remote authenticated users to cause a denial of service crash or hang via a long request to a named pipe...
CVE-2003-0232
CVE-2003-0232 affects Microsoft SQL Server 7, 2000, and MSDE. The issue is a buffer overflow in a Local Procedure Call (LPC) port that can be triggered by a specially crafted request, allowing a local attacker to execute arbitrary code with the SQL Server service account’s privileges. The vulnera...
CVE-2003-0232
Microsoft SQL Server 7, 2000, and MSDE allows local users to execute arbitrary code via a certain request to the Local Procedure Calls LPC port that leads to a buffer overflow...
CVE-2003-0230
CVE-2003-0230 affects Microsoft SQL Server 7, 2000, and MSDE. The vulnerability allows local users to gain privileges by hijacking a named pipe during authentication, due to a flaw in how named pipes are checked by SQL Server when a client authenticates via a named pipe. Impact is privilege eleva...
CVE-2003-0231
Summary: CVE-2003-0231 affects Microsoft SQL Server 7.0, SQL Server 2000, and MSDE. A long request to a named pipe can trigger a denial of service, making the server unresponsive for local or remote authenticated users. The issue arises from how SQL Server interprets a return code from a named-pi...
CVE-2003-0230
Microsoft SQL Server 7, 2000, and MSDE allows local users to gain privileges by hijacking a named pipe during the authentication of another user, aka the "Named Pipe Hijacking" vulnerability...
MS Windows SQL Server Denial of Service Remote Exploit (MS03-031)
Exploit for unknown platform in category dos / poc ================================================================= MS Windows SQL Server Denial of Service Remote Exploit MS03-031 =================================================================...
Microsoft Windows SQL Server - Remote Denial of Service (MS03-031)
Microsoft Windows SQL Server - Remote Denial of Service MS03-031 //////////////////////////////////////////////////////////////// // // Microsoft SQL Server DoS Remote Exploit MS03-031 // By refdom of xfocus // //////////////////////////////////////////////////////////////// include include inclu...
MS Windows SQL Server Denial of Service Remote Exploit (MS03-031)
No description provided by source. //////////////////////////////////////////////////////////////// // // Microsoft SQL Server DoS Remote Exploit MS03-031 // By refdom of xfocus // //////////////////////////////////////////////////////////////// include stdio.h include stdlib.h include windows.h...
Microsoft Windows SQL Server - Remote Denial of Service (MS03-031)
//////////////////////////////////////////////////////////////// // // Microsoft SQL Server DoS Remote Exploit MS03-031 // By refdom of xfocus // //////////////////////////////////////////////////////////////// include include include void Usage printf"\n"; printf"exp for Microsoft SQL Server...
Microsoft SQL Server local code execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake Inc. www.atstake.com Security Advisory Advisory Name: Microsoft SQL Server local code execution Release Date: 07/23/2003 Application: Microsoft SQL Server 7, 2000, MSDE Platform: Windows NT/2000/XP Severity: Local code execution / Denial of...
Multiple bugs in Microsoft SQL Server
Buffer overflow in LPC request, DoS via RPC request, named pipe impersonalization...
Microsoft Security Bulletin MS03-031: Cumulative Patch for Microsoft SQL Server (Q815495)
-----BEGIN PGP SIGNED MESSAGE----- - ----------------------------------------------------------------- Title: Cumulative Patch for Microsoft SQL Server 815495 Date: 23 July 2003 Software: - Microsoft SQL Server 7.0 - Microsoft Data Engine MSDE 1.0 - Microsoft SQL Server 2000 - Microsoft SQL Serve...
Microsoft SQL Server DoS
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake Inc. www.atstake.com Security Advisory Advisory Name: Microsoft SQL Server DoS Release Date: 07/23/2003 Application: Microsoft SQL Server 7, 2000, MSDE Platform: Windows NT/2000/XP Severity: Denial of Service Author: Andreas Junestam...
MS03-031: Cumulative Patch for MS SQL Server (815495)
The remote Microsoft SQL server is vulnerable to several flaws : - Named pipe hijacking - Named Pipe Denial of Service - SQL server buffer overrun These flaws could allow a user to gain elevated privileges on this host. C Tenable Network Security, Inc. include"compat.inc"; if description...
Microsoft SQL Server vulnerable to buffer overflow
Overview Microsoft SQL Server contains a buffer overflow vulnerability. A local attacker could leverage this vulnerability to gain elevated privileges and/or execute arbitrary code. Description Quoting from Microsoft Security Bulletin MS03-031:A flaw exists in a specific Windows function that may...