CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4529 matches found

CVE•added 2000/03/22 5:0 a.m.•50 views

CVE-2000-0199

CVE-2000-0199 affects Microsoft SQL Server 7.0 via Enterprise Manager when the “Always prompt for login name and password” option is not set; the login credentials are stored with weak encryption. The connected Nessus entry also describes a potential local privilege escalation by authenticated us...

7.2CVSS7AI score0.01453EPSS

Exploits1References1Affected Software1

Cvelist•added 2000/03/22 5:0 a.m.•23 views

CVE-2000-0199

When a new SQL Server is registered in Enterprise Manager for Microsoft SQL Server 7.0 and the "Always prompt for login name and password" option is not set, then the Enterprise Manager uses weak encryption to store the login ID and password...

7AI score0.01453EPSS

Exploits1References1

NVD•added 2000/03/14 5:0 a.m.•16 views

CVE-2000-0199

7.2CVSS7AI score0.01453EPSS

Exploits1References1

NVD•added 2000/03/08 5:0 a.m.•16 views

CVE-2000-0202

Microsoft SQL Server 7.0 and Microsoft Data Engine MSDE 1.0 allow remote attackers to gain privileges via a malformed Select statement in an SQL query...

7.5CVSS7.4AI score0.09522EPSS

Exploits0References2

Tenable Nessus•added 1999/11/22 12:0 a.m.•24 views

MS99-059: Microsoft SQL Server Crafted TCP Packet Remote DoS (uncredentialed check)

The remote Microsoft SQL server can be shut down when it is sent a TCP packet containing more than 2 NULLs. An attacker may use this problem to prevent it from being used by legitimate clients, thus threatening your business. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

4.3CVSS5.8AI score0.21682EPSS

Exploits0References3

exploitpack•added 1999/11/19 12:0 a.m.•26 views

Microsoft SQL Server 7.07.0 SP1 - NULL Data Denial of Service

Microsoft SQL Server 7.07.0 SP1 - NULL Data Denial of Service // source: https://www.securityfocus.com/bid/817/info If Microsoft SQL Server 7.0 receives a TDS header with three or more NULL bytes as data it will crash. The crash will generate an event in the log with ID 17055 "fatal exception...

8AI score

Exploits0

Exploit DB•added 1999/11/19 12:0 a.m.•30 views

Microsoft SQL Server 7.0/7.0 SP1 - NULL Data Denial of Service

// source: https://www.securityfocus.com/bid/817/info If Microsoft SQL Server 7.0 receives a TDS header with three or more NULL bytes as data it will crash. The crash will generate an event in the log with ID 17055 "fatal exception EXCEPTIONACCESS VIOLATION". / sqldos.c -- a DoS attack agains MS...

7.4AI score

Exploits0

Tenable Nessus•added 1999/10/12 12:0 a.m.•735 views

Microsoft SQL Server TCP/IP Listener Detection

The remote host is running MSSQL, a database server from Microsoft. It is possible to extract the version number of the remote installation from the server pre-login response. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10144; scriptversion"1.62";...

5.5AI score

Exploits0

Packet Storm•added 1999/08/17 12:0 a.m.•26 views

ms.sql.enterprise.manager.txt

Date: Thu, 4 Mar 1999 19:52:15 -0500 From: [email protected] To: [email protected] I've come across an issue regarding Microsoft SQL Server 6.0 and 6.5. SQL Server has a management tool called SQL Explorer used to manage the server. If your SQL Server is set to use normal...

7.4AI score

Exploits0

NVD•added 1998/06/29 4:0 a.m.•24 views

CVE-1999-1556

Microsoft SQL Server 6.5 uses weak encryption for the password for the SQLExecutiveCmdExec account and stores it in an accessible portion of the registry, which could allow local users to gain privileges by reading and decrypting the CmdExecAccount value...

7.2CVSS0.01179EPSS

Exploits0References3