CVE-2002-0700

This CVE concerns Microsoft Content Management Server (MCMS) 2001, where a buffer overflow in the Profile Service (an MDAC-related function used during user authentication) can allow an attacker to execute code in the Local System context by authenticating to a vulnerable web page. The issue is c...

CVE-2002-0642

The registry key containing the SQL Server service account information in Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine MSDE 2000, has insecure permissions, which allows local users to gain privileges, aka "Incorrect Permission on SQL Server Service Account Registry Key...

CVE-2002-0187

The CVE-2002-0187 entry corresponds to a cross-site scripting vulnerability in the SQLXML component of Microsoft SQL Server 2000, where an attacker could inject script via the root parameter of an XML SQL query. Connected documents also describe a related overflow issue in the SQLXML ISAPI filter...

CVE-2002-0650

CVE-2002-0650 affects Microsoft SQL Server 2000’s Resolution Service on UDP port 1434. A forged ping from one server to another (both using 1434) can trigger the Resolution Service to exchange referrals/pings in an infinite loop, causing a denial of service (bandwidth/resource exhaustion) between...

Protegrity Secure.Data for Microsoft SQL Server 2000 contains buffer overflows in extended stored procedures

Overview Protegrity Secure.Data for Microsoft SQL Server 2000 includes several extended stored procedures that contain buffer overflow vulnerabilities. These vulnerabilities could allow a remote attacker to execute arbitrary code, gain access to databases, or cause a denial of service. Descriptio...

Microsoft SQL Server 2000 Vulnerabilities in Cisco Products - MS02-061

...

Microsoft SQL Server Detection (credentialed check)

Nessus has detected one or more installs of Microsoft SQL server by examining the registry and file systems on the remote host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description scriptid11217; scriptversion"1.157";...

MS02-061: Microsoft SQL Server Multiple Vulnerabilities (uncredentialed check)

The remote MS SQL server is affected by several overflows that could be exploited by an attacker to gain SYSTEM access on that host. Note that a worm sapphire is exploiting these vulnerabilities in the wild. C Tenable Network Security, Inc. ping code taken from mssqlping by H D Moore MS02-061...

CVE-2002-1872

Microsoft SQL Server 6.0 through 2000, with SQL Authentication enabled, uses weak password encryption XOR, which allows remote attackers to sniff and decrypt the password...

CVE-2002-1981

Microsoft SQL Server 2000 through SQL Server 2000 SP2 allows the "public" role to execute the 1 spMSSetServerProperties or 2 spMSsetalertinfo stored procedures, which allows attackers to modify configuration including SQL server startup and alert settings...

PT-2002-2594 · Microsoft · Sql Server

Name of the Vulnerable Software and Affected Versions: Microsoft SQL Server versions 6.0 through 2000 Description: The issue allows remote attackers to sniff and decrypt passwords due to the use of weak password encryption XOR when SQL Authentication is enabled. Recommendations: For Microsoft SQL...

CVE-2002-1145

The xprunwebtask stored procedure in the Web Tasks component of Microsoft SQL Server 7.0 and 2000, Microsoft Data Engine MSDE 1.0, and Microsoft Desktop Engine MSDE 2000 can be executed by PUBLIC, which allows an attacker to gain privileges by updating a webtask that is owned by the database owne...

CVE-2002-1145

The CVE-2002-1145 entry describes a privilege-escalation issue in the Web Tasks xp_runwebtask stored procedure for Microsoft SQL Server 7.0, SQL Server 2000, MSDE 1.0, and MSDE 2000. The vulnerability arises because xp_runwebtask can be executed by PUBLIC, allowing an attacker to update a webtask...

CVE-2002-1145

The xprunwebtask stored procedure in the Web Tasks component of Microsoft SQL Server 7.0 and 2000, Microsoft Data Engine MSDE 1.0, and Microsoft Desktop Engine MSDE 2000 can be executed by PUBLIC, which allows an attacker to gain privileges by updating a webtask that is owned by the database owne...

Multiple bugs in Microsoft SQL Server (multiple bugs)

Buffer overflows in OpenDataSource, OPENROWSET, pwdencrypt and xpdirtree. Weak registry permissions, weak password enbcryption...

Microsoft Security Bulletin MS02-061: Elevation of Privilege in SQL Server Web Tasks (Q316333)

-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Elevation of Privilege in SQL Server Web Tasks Q316333 Released: 16 October 2002 Software: Microsoft SQL Server 7.0 and 2000 Impact: Elevation of privilege Max Risk: Critical Bulleti...

Microsoft SQL Server Webtasks privilege upgrade (#NISR17102002)

NGSSoftware Insight Security Research Advisory Name: Microsoft SQL Server Webtasks privilege elevation Systems: Microsoft SQL Server 2000 and 7 Severity: High Risk Vendor URL: http://www.microsoft.com/ Author: David Litchfield [email protected] Advisory URL:...

Microsoft SQL Server Web Task Stored Procedure Privilege Escalation Vulnerability

Description Microsoft has reported a vulnerability in SQL Server. According to the report, the vulnerability may be exploited by malicious database users to elevate privileges. Web tasks create HTML files containing queried data. They are invoked with a stored procedure. By default, the privilege...

CVE-2002-1137

Buffer overflow in the Database Console Command DBCC that handles user inputs in Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine MSDE 1.0 and Microsoft Desktop Engine MSDE 2000, allows attackers to execute arbitrary code via a long SourceDB argument in a "non-SQL OLEDB data...

CVE-2002-1138

Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine MSDE 1.0 and Microsoft Desktop Engine MSDE 2000, writes output files for scheduled jobs under its own privileges instead of the entity that launched it, which allows attackers to overwrite system files, aka "Flaw in Output File...