4529 matches found
Microsoft SQL Server 2000 / Microsoft Jet 4.0 Engine - Unicode Buffer Overflow (PoC)
source: https://www.securityfocus.com/bid/5057/info Microsoft SQL Server is prone to a remotely exploitable unicode-based buffer overflow condition. This condition occurs when the OpenDataSource function is used with MS Jet Engine. This issue may be exploited to execute attacker-supplied...
Lumigent Log Explorer 3.0.1 - XP_LogAttach_SetPort Buffer Overflow
Lumigent Log Explorer 3.0.1 - XPLogAttachSetPort Buffer Overflow source: https://www.securityfocus.com/bid/5017/info A buffer overflow vulnerability in xplogattach.dll has been reported for Lumigent Log Explorer. Specifically, this affects the xplogattachsetport stored procedure. If this conditio...
Microsoft SQL Server 2000 - Password Encrypt procedure Buffer Overflow
Microsoft SQL Server 2000 - Password Encrypt procedure Buffer Overflow source: https://www.securityfocus.com/bid/5014/info A buffer overflow vulnerability has been reported in SQL Server 2000. The vunerability is a result of an unchecked buffer when using the password encrypt procedure. This...
Lumigent Log Explorer XP - _LogAttach_StartProf Buffer Overflow
Lumigent Log Explorer XP - LogAttachStartProf Buffer Overflow source: https://www.securityfocus.com/bid/5016/info A buffer overflow vulnerability in xplogattach.dll has been reported for Lumigent Log Explorer. Specifically, this affects the xplogattachStartProf stored procedure. If this condition...
Microsoft SQL Server 2000 pwdencrypt() buffer overflow
Microsoft SQL Server 2000 up to SP2 suffers from buffer/heap overflow in built-in hashing function pwdencrypt. Sample code shown below crashes SQL Server service and may lead to arbitrary code execution: SELECT pwdencryptREPLICATE'A',353 On some systems it may require lager amount of characters t...
Microsoft SQL Server 2000 - Password Encrypt procedure Buffer Overflow
source: https://www.securityfocus.com/bid/5014/info A buffer overflow vulnerability has been reported in SQL Server 2000. The vunerability is a result of an unchecked buffer when using the password encrypt procedure. This procedure is used by administrators to provides support for the storage of...
Lumigent Log Explorer 3.0.1 - XP_LogAttach_SetPort Buffer Overflow
source: https://www.securityfocus.com/bid/5017/info A buffer overflow vulnerability in xplogattach.dll has been reported for Lumigent Log Explorer. Specifically, this affects the xplogattachsetport stored procedure. If this condition is successfully exploited, it is possible for locations in memo...
Lumigent Log Explorer XP - _LogAttach_StartProf Buffer Overflow
source: https://www.securityfocus.com/bid/5016/info A buffer overflow vulnerability in xplogattach.dll has been reported for Lumigent Log Explorer. Specifically, this affects the xplogattachStartProf stored procedure. If this condition is successfully exploited, it is possible for locations in...
Microsoft SQL Server 2000 SQLXML buffer overflow
Buffer overflow in ISAPI filter and crossite scripting...
Microsoft SQL Server 2000 - SQLXML Script Injection
Microsoft SQL Server 2000 - SQLXML Script Injection source: https://www.securityfocus.com/bid/5005/info SQLXML is a component of SQL Server 2000, which enables SQL servers to receive and send database queries via XML Extensible Markup Language format. Such queries can be sent using various method...
Microsoft SQL Server 2000 - SQLXML Buffer Overflow (PoC)
Microsoft SQL Server 2000 - SQLXML Buffer Overflow PoC source: https://www.securityfocus.com/bid/5004/info SQLXML is a component of SQL Server 2000, which enables SQL servers to receive and send database queries via XML Extensible Markup Language format. Such queries can be sent using various...
Microsoft SQL Server 2000 - 'SQLXML' Buffer Overflow (PoC)
source: https://www.securityfocus.com/bid/5004/info SQLXML is a component of SQL Server 2000, which enables SQL servers to receive and send database queries via XML Extensible Markup Language format. Such queries can be sent using various methods of communication, one of which is via HTTP. SQLXML...
Microsoft SQL Server 2000 - SQLXML Script Injection
source: https://www.securityfocus.com/bid/5005/info SQLXML is a component of SQL Server 2000, which enables SQL servers to receive and send database queries via XML Extensible Markup Language format. Such queries can be sent using various methods of communication, one of which is via HTTP. SQLXML...
CVE-2002-0154
Buffer overflows in extended stored procedures for Microsoft SQL Server 7.0 and 2000 allow remote attackers to cause a denial of service or execute arbitrary code via a database query with certain long arguments...
CVE-2002-0224
The MSDTC Microsoft Distributed Transaction Service Coordinator for Microsoft Windows 2000, Microsoft IIS 5.0 and SQL Server 6.5 through SQL 2000 0.0 allows remote attackers to cause a denial of service crash or hang via malformed random input...
CVE-2002-0224
MSDTC DoS (CVE-2002-0224) affects Microsoft Windows 2000, IIS 5.x, and SQL Server up to 2000. A DoS can be triggered by sending malformed input to the MSDTC service, potentially causing crashes or hangs. OpenVAS/Nessus refer to MS02-018 as the patch that mitigates related issues; applying that pa...
CVE-2002-0154
Microsoft SQL Server 7.0 and SQL Server 2000 contain buffer overflow vulnerabilities in multiple extended stored procedures. A remote attacker could exploit these to cause a denial of service or execute arbitrary code (potentially with the SQL Server service account privileges), and could even af...
CVE-2002-0154
Buffer overflows in extended stored procedures for Microsoft SQL Server 7.0 and 2000 allow remote attackers to cause a denial of service or execute arbitrary code via a database query with certain long arguments...
Security Bulletin MS02-020:SQL Extended Procedure Functions Contain Unchecked Buffers (Q319507)
---------------------------------------------------------------------- Title: SQL Extended Procedure Functions Contain Unchecked Buffers Q319507 Date: 17 April 2002 Software: Microsoft SQL Server Impact: Run Code of Attacker's Choice Max Risk: Moderate Bulletin: MS02-020 Microsoft encourages...
Microsoft SQL Server contains buffer overflows in openrowset and opendatasource macros
Overview Microsoft SQL Server contains several buffer overflows in "functions that are associated with connecting to remote data sources through 'ad hoc names.'" Description Microsoft SQL Server versions 7.0 and 2000 contain buffer overflows in the openrowset and opendatasource macros. By calling...