4418 matches found
CVE-2002-0982
Microsoft SQL Server 2000 SP2, when configured as a distributor, allows attackers to execute arbitrary code via the @scriptfile parameter to the spMScopyscript stored procedure...
CVE-2002-0721
Microsoft SQL Server 7.0 and 2000 installs with weak permissions for extended stored procedures that are associated with helper functions, which could allow unprivileged users, and possibly remote attackers, to run stored procedures with administrator privileges via 1 xpexecresultset, 2...
CVE-2002-0859
Buffer overflow in the OpenDataSource function of the Jet engine on Microsoft SQL Server 2000 allows remote attackers to execute arbitrary code...
Microsoft SQL Server Stored procedures [sp_MSSetServerPropertiesn and sp_MSsetalertinfo] (#NISR03092002A)
NGSSoftware Insight Security Research Advisory Name: spMSSetServerPropertiesn and spMSsetalertinfo Systems: Microsoft SQL Server 2000 Severity: Low Risk Category: Configuration Vendor URL: http://www.microsoft.com/ Author: David Litchfield [email protected] Advisory URL:...
CVE-2002-0982
Microsoft SQL Server 2000 SP2, when configured as a distributor, allows attackers to execute arbitrary code via the @scriptfile parameter to the spMScopyscript stored procedure...
CVE-2002-0982
Microsoft SQL Server 2000 SP2 (when configured as a distributor) is exposed to an arbitrary code execution vulnerability through the @scriptfile parameter of the sp_MScopyscript stored procedure. The CVE-2002-0982 entry documents this as a high-severity issue (CVSS v2 base score 7.5) with network...
Arbitrary Command Execution on Distributor SQL Server 2000 machines (#NISR22002002A)
NGSSoftware Insight Security Research Advisory Name: Arbitrary Command Execution on SQL Server 2000 Systems: Microsoft SQL Server 2000 SP 2 Severity: High Risk for Distributor servers Category: Arbitrary Command Execution Vendor URL: http://www.microsoft.com/ Author: David Litchfield...
More DBCC overruns SQL SEVER 2000
To compliment http://online.securityfocus.com/archive/1/284382/2002-07-20/2002-07-26/0 there also exists another two bufferoverruns. Although not documented on MS they are fixed in http://download.microsoft.com/download/SQLSVR2000/Patch/8.00.0667/W98NT4 2KMeXP/EN-US/8.00.0667enu.exe 1 DBCC...
CVE-2002-0721
Microsoft SQL Server 7.0 and 2000 installs with weak permissions for extended stored procedures that are associated with helper functions, which could allow unprivileged users, and possibly remote attackers, to run stored procedures with administrator privileges via 1 xpexecresultset, 2...
CVE-2002-0721
The CVE-2002-0721 issue affects Microsoft SQL Server 7.0 and 2000 where extended stored procedures with weak permissions (xp_execresultset, xp_printstatements, xp_displayparamstmt) can allow an unprivileged user to execute procedures with administrator privileges. CERT advisories describe the ris...
Microsoft SQL Server Agent Jobs Vulnerabilities (#NISR15002002B)
NGSSoftware Insight Security Research Advisory Name: SQL Agent Jobs Systems: Microsoft SQL Server 2000 and 7 Severity: High Risk Category: Privilege Escalation Vendor URL: http://www.microsoft.com/ Author: David Litchfield [email protected] Advisory URL:...
Microsoft SQL Server Extended Stored Procdure privilege upgrade vulnerabilities (#NISR15002002A)
NGSSoftware Insight Security Research Advisory Name: Extended Stored Procedure Privilege Upgrade Systems: Microsoft SQL Server 2000 and 7 Severity: High Risk Category: Privilege Escalation Vendor URL: http://www.microsoft.com/ Author: David Litchfield [email protected] Advisory URL:...
Microsoft Windows SQL Server allows arbitrary queries to be executed via "xp_printstatements" extended procedure
Overview MS SQL Server contains an extended stored procedure with inappropriate permission settings. Description Microsoft SQL Server 7.0 and Microsoft SQL Server 2000 contain an extended stored procedure, xpprintstatements , that permits an unprivileged user of a database to gain administrative...
Microsoft Windows SQL Server allows arbitrary queries to be executed via "xp_execresultset" extended procedure
Overview MS SQL Server contains an extended stored procedure with inappropriate permission settings. Description Microsoft SQL Server 7.0 and Microsoft SQL Server 2000 contain an extended stored procedure, xpexecresultset , that permits an unprivileged user of a database to gain administrative...
Security Bulletin MS02-043: Cumulative Patch for SQL Server (Q316333)
--------------------------------------------------------------------- Title: Cumulative Patch for SQL Server Q316333 Date: 14 August, 2002 Software: Microsoft SQL Server Impact: Elevation of privilege Max Risk: Moderate Bulletin: MS02-043 Microsoft encourages customers to review the Security...
Microsoft Windows SQL Server allows arbitrary queries to be executed via "xp_displayparamstmt" extended procedure
Overview MS SQL Server contains an extended stored procedure with inappropriate permission settings. Description Microsoft SQL Server 7.0 and Microsoft SQL Server 2000 contain an extended stored procedure, xpdisplayparamstmt , that permits an unprivileged user of a database to gain administrative...
Microsoft SQL 2000/7.0 - Agent Jobs Privilege Escalation
source: https://www.securityfocus.com/bid/5483/info Microsoft SQL Server 2000 uses an Agent which is responsible for restarting the SQL Server service, replication, and running scheduled jobs. Some of the jobs that the Agent executes have weak permissions, which could allow a user with low...
Microsoft SQL 20007.0 - Agent Jobs Privilege Escalation
Microsoft SQL 20007.0 - Agent Jobs Privilege Escalation source: https://www.securityfocus.com/bid/5483/info Microsoft SQL Server 2000 uses an Agent which is responsible for restarting the SQL Server service, replication, and running scheduled jobs. Some of the jobs that the Agent executes have we...
sql2kx2.txt
!/usr/local/bin/perl ----------------------------------------------------------- Exploit will create file '\scansql2kbo2.' SQL Server 2000 'Hello Bug' for Win2kSP2 by [email protected] & spoonfork Bug found by Dave Aitel http://online.securityfocus.com/archive/1/286311/2002-08-02/2002-08-08/...
CVE-2000-1209
The "sa" account is installed with a default null password on 1 Microsoft SQL Server 2000, 2 SQL Server 7.0, and 3 Data Engine MSDE 1.0, including third party packages that use these products such as 4 Tumbleweed Secure Mail MMS 5 Compaq Insight Manager, and 6 Visio 2000, which allows remote...