CVE-2002-1981

Microsoft SQL Server 2000 through SQL Server 2000 SP2 allows the "public" role to execute the 1 spMSSetServerProperties or 2 spMSsetalertinfo stored procedures, which allows attackers to modify configuration including SQL server startup and alert settings...

CVE-2002-1872

Microsoft SQL Server 6.0 through 2000, with SQL Authentication enabled, uses weak password encryption XOR, which allows remote attackers to sniff and decrypt the password...

CVE-2002-1981

Microsoft SQL Server 2000 up to SP2 allows the public role to execute the stored procedures sp_MSSetServerProperties and sp_MSsetalertinfo, enabling modification of configuration including startup and alert settings. This CVE description is corroborated across NVD/Red Hat/CVE pages. No explicit e...

CVE-2002-1872

Consolidated details from multiple sources confirm CVE-2002-1872 affects Microsoft SQL Server 6.0 through 2000 when SQL Authentication is enabled. The underlying issue is weak password encryption using XOR, enabling remote attackers to sniff and decrypt passwords. Affected software: Microsoft SQL...

Multiple SQL Injections in MetaCart2 for SQL Server Special Edition U.K

Dcrab 's Security Advisory Hsc Security Group http://www.hackerscenter.com/ dP Security http://digitalparadox.org/ Get Dcrab's Services to audit your Web servers, scripts, networks, etc. Learn more at http://www.digitalparadox.org/services.ah Severity: High Title: Multiple SQL Injections in...

Sybase TCP/IP Listener Service Detection

The remote host is running a Sybase SQL server. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid17161; scriptversion"1.18"; scriptsetattributeattribute:"pluginmodificationdate", value:"2023/07/24"; scriptnameenglish:"Sybase TCP/IP Listener Service Detection";...

CVE-2004-1560

Microsoft SQL Server 7.0 allows remote attackers to cause a denial of service mssqlserver service halt via a long request to TCP port 1433, possibly triggering a buffer overflow...

CVE-2004-1560

The CVE-2004-1560 issue concerns Microsoft SQL Server 7.0. According to connected advisories, a buffer overflow in the TDS packet handling during fragmentation can be triggered remotely by a long request to TCP port 1433, potentially allowing remote code execution or causing application crashes. ...

MS-SQL Server Protocol - General Settings (CAN-2000-1209; CVE-2002-1123)

...

antivir.txt

NOTE: Already posted to vuln-dev. Because I'm not receiving comments, I believe that this one is real. Dear list, please inspect the following, your input is welcome. Vendors Microsoft and unspecified AV company are contacted two months ago, I'm not satisfied with their response and here is the...

CVE-2004-2323

DotNetNuke formerly IBuySpy Workshop 1.0.6 through 1.0.10d allows remote attackers to obtain sensitive information, including the SQL server username and password, via a GET request for source or configuration files such as Web.config...

CVE-2004-1560

Microsoft SQL Server 7.0 allows remote attackers to cause a denial of service mssqlserver service halt via a long request to TCP port 1433, possibly triggering a buffer overflow...

MS SQL Server 7 buffer overflow

No description provided...

Microsoft SQL Server 7.0 - Remote Denial of Service (2)

Microsoft SQL Server 7.0 - Remote Denial of Service 2 // source: https://www.securityfocus.com/bid/11265/info Reportedly Microsoft SQL Server is affected by a remote denial of service vulnerability. This issue is due to a failure of the application to handle irregular network communications. An...

Microsoft SQL Server 7.0 - Remote Denial of Service (1)

// source: https://www.securityfocus.com/bid/11265/info Reportedly Microsoft SQL Server is affected by a remote denial of service vulnerability. This issue is due to a failure of the application to handle irregular network communications. An attacker may leverage this issue to cause the affected...

Microsoft SQL Server 7.0 - Remote Denial of Service (2)

// source: https://www.securityfocus.com/bid/11265/info Reportedly Microsoft SQL Server is affected by a remote denial of service vulnerability. This issue is due to a failure of the application to handle irregular network communications. An attacker may leverage this issue to cause the affected...

Microsoft SQL Server 7.0 - Remote Denial of Service (1)

Microsoft SQL Server 7.0 - Remote Denial of Service 1 // source: https://www.securityfocus.com/bid/11265/info Reportedly Microsoft SQL Server is affected by a remote denial of service vulnerability. This issue is due to a failure of the application to handle irregular network communications. An...

CVE-2002-1123

Buffer overflow in the authentication function for Microsoft SQL Server 2000 and Microsoft Desktop Engine MSDE 2000 allows remote attackers to execute arbitrary code via a long request to TCP port 1433, aka the "Hello" overflow...

CVE-2002-1137

Buffer overflow in the Database Console Command DBCC that handles user inputs in Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine MSDE 1.0 and Microsoft Desktop Engine MSDE 2000, allows attackers to execute arbitrary code via a long SourceDB argument in a "non-SQL OLEDB data...

CVE-1999-1556

CVE-1999-1556 affects Microsoft SQL Server 6.5. The issue arises from weak encryption of the password for the SQLExecutiveCmdExec account and storing it in an accessible portion of the registry, enabling local users to read and decrypt the CmdExecAccount value and potentially gain privileges. The...