4418 matches found
CVE-2002-0644
Buffer overflow in several Database Consistency Checkers DBCCs for Microsoft SQL Server 2000 and Microsoft Desktop Engine MSDE 2000 allows members of the dbowner and dbddladmin roles to execute arbitrary code...
CVE-2002-0649
Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 MSDE allow remote attackers to cause a denial of service or execute arbitrary code via UDP packets to port 1434 in which 1 a 0x04 byte that causes the SQL Monitor thread to generate...
CVE-2000-1209
The "sa" account is installed with a default null password on 1 Microsoft SQL Server 2000, 2 SQL Server 7.0, and 3 Data Engine MSDE 1.0, including third party packages that use these products such as 4 Tumbleweed Secure Mail MMS 5 Compaq Insight Manager, and 6 Visio 2000, which allows remote...
CVE-2002-0650
The keep-alive mechanism for Microsoft SQL Server 2000 allows remote attackers to cause a denial of service bandwidth consumption via a "ping" style packet to the Resolution Service UDP port 1434 with a spoofed IP address of another SQL Server system, which causes the two servers to exchange...
CVE-2002-0729
Microsoft SQL Server 2000 allows remote attackers to cause a denial of service via a malformed 0x08 packet that is missing a colon separator...
CVE-2002-0645
SQL injection vulnerability in stored procedures for Microsoft SQL Server 2000 and Microsoft Desktop Engine MSDE 2000 may allow authenticated users to execute arbitrary commands...
CVE-2000-1209
The CVE-2000-1209 issue affects Microsoft SQL Server 2000, SQL Server 7.0, and Data Engine (MSDE) 1.0 where the sa account is installed with a default null password. This enables remote attackers to gain privileges and was exploited by worms such as Voyager Alpha Force and Spida, with third-party...
CVE-2000-1209
The "sa" account is installed with a default null password on 1 Microsoft SQL Server 2000, 2 SQL Server 7.0, and 3 Data Engine MSDE 1.0, including third party packages that use these products such as 4 Tumbleweed Secure Mail MMS 5 Compaq Insight Manager, and 6 Visio 2000, which allows remote...
Microsoft SQL Server Authentication Function Remote Overflow
The remote Microsoft SQL server is vulnerable to the Hello overflow. An attacker may use this flaw to execute commands against the remote host as LOCAL/SYSTEM, as well as read your database content. This alert might be a false positive. %NASLMINLEVEL 70300 Script audit and contributions from...
Microsoft SQL Server 2000 - User Authentication Remote Buffer Overflow
source: https://www.securityfocus.com/bid/5411/info A vulnerability has been discovered in Microsoft SQL Server that could make it possible for remote attackers to gain access to target hosts. It is possible for an attacker to cause a buffer overflow condition on the vulnerable SQL server with a...
Microsoft SQL Server 2000 - User Authentication Remote Buffer Overflow
Microsoft SQL Server 2000 - User Authentication Remote Buffer Overflow source: https://www.securityfocus.com/bid/5411/info A vulnerability has been discovered in Microsoft SQL Server that could make it possible for remote attackers to gain access to target hosts. It is possible for an attacker to...
Microsoft SQL Server User Authentication Remote Buffer Overflow Vulnerability
Description A vulnerability has been discovered in Microsoft SQL Server that could make it possible for remote attackers to gain access to target hosts. It is possible for an attacker to cause a buffer overflow condition on the vulnerable SQL server with a malformed login request. This may allow ...
Microsoft SQL Server 2000,7 OpenRowSet Buffer Overflow vulnerability (#NISR02072002)
NGSSoftware Insight Security Research Advisory Name: OpenRowSet Buffer Overflows Systems: Microsoft SQL Server 2000 and 7, all Service Packs Severity: High Risk Category: Remote Buffer Overrun Vulnerability Vendor URL: http://www.microsoft.com/ Author: David Litchfield [email protected]...
Security Bulletin MS02-040: Unchecked Buffer in MDAC Function Could Enable SQL Server Compromise (Q326573)
---------------------------------------------------------------------- Title: Unchecked Buffer in MDAC Function Could Enable SQL Server Compromise Q326573 Date: 31 July 2002 Software: Microsoft Data Access Components Impact: Run code of attacker's choice Max Risk: Moderate Bulletin: MS02-040...
Microsoft SQL Server installation process leaves sensitive information on system
Overview Microsoft SQL server versions 7.0 and 2000, as well as MSDE 1.0, may leave installation and log files on the server after the installation process is complete. These files may contain senstitive information such as passwords used during the install. Users with authenticated access to the...
CVE-2002-0649
Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 MSDE allow remote attackers to cause a denial of service or execute arbitrary code via UDP packets to port 1434 in which 1 a 0x04 byte that causes the SQL Monitor thread to generate...
CVE-2002-0644
Buffer overflow in several Database Consistency Checkers DBCCs for Microsoft SQL Server 2000 and Microsoft Desktop Engine MSDE 2000 allows members of the dbowner and dbddladmin roles to execute arbitrary code...
CVE-2002-0649
CVE-2002-0649 describes a remote buffer-overflow in the SQL Server Resolution Service of Microsoft SQL Server 2000 and MSDE (port 1434/UDP). The vulnerability is triggered by UDP packets beginning with 0x04 (long registry key name) or 0x08 (long string), which can cause a denial of service or arb...
CVE-2002-0645
Technical details for CVE-2002-0645 are not publicly provided in the connected documents; the available sources reference the vulnerability at a high level. Monitor for updates from official advisories.
CVE-2002-0645
SQL injection vulnerability in stored procedures for Microsoft SQL Server 2000 and Microsoft Desktop Engine MSDE 2000 may allow authenticated users to execute arbitrary commands...