1417 matches found
CVE-2003-0496
Microsoft SQL Server before Windows 2000 SP4 allows local users to gain privileges as the SQL Server user by calling the xpfileexist extended stored procedure with a named pipe as an argument instead of a normal file...
Named Pipe Filename Local Privilege Escalation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake, Inc. www.atstake.com Security Advisory Advisory Name: Named Pipe Filename Local Privilege Escalation Release Date: 07/08/2003 Application: Microsoft SQL Server Platform: Windows NT/2000/XP Severity: Local privilege escalation Author: Andreas...
Microsoft SQL Server 7.0/2000 JET Database Engine 4.0 - Buffer Overrun
source: https://www.securityfocus.com/bid/7541/info Microsoft SQL Server is prone to an exploitable buffer overrun vulnerability via the Jet Database Engine. This can occur while the JET 4.0 OLE DB data provider is querying data supplied via a remote source and is due to insufficient bounds...
Microsoft SQL Server 7.02000 JET Database Engine 4.0 - Buffer Overrun
Microsoft SQL Server 7.02000 JET Database Engine 4.0 - Buffer Overrun source: https://www.securityfocus.com/bid/7541/info Microsoft SQL Server is prone to an exploitable buffer overrun vulnerability via the Jet Database Engine. This can occur while the JET 4.0 OLE DB data provider is querying dat...
CVE-2002-0859
Buffer overflow in the OpenDataSource function of the Jet engine on Microsoft SQL Server 2000 allows remote attackers to execute arbitrary code...
CVE-2002-0187
Cross-site scripting vulnerability in the SQLXML component of Microsoft SQL Server 2000 allows an attacker to execute arbitrary script via the root parameter as part of an XML SQL query, aka "Script Injection via XML Tag."...
CVE-2002-0186
CVE-2002-0186 describes a buffer overflow in the Microsoft SQLXML ISAPI extension for SQL Server 2000. The flaw arises from inadequate validation of the contenttype parameter in SQLXML HTTP requests, allowing a remote attacker to trigger a crash or execute arbitrary code (the extension runs with ...
CVE-2002-0650
CVE-2002-0650 affects Microsoft SQL Server 2000’s Resolution Service on UDP port 1434. A forged ping from one server to another (both using 1434) can trigger the Resolution Service to exchange referrals/pings in an infinite loop, causing a denial of service (bandwidth/resource exhaustion) between...
CVE-2002-0859
CVE-2002-0859 describes a buffer overflow in the OpenDataSource function of the Jet engine used by Microsoft SQL Server 2000. The vulnerability permits remote attackers to execute arbitrary code, affecting the system via the Jet engine component. The available records indicate the issue arises fr...
CVE-2002-0650
The keep-alive mechanism for Microsoft SQL Server 2000 allows remote attackers to cause a denial of service bandwidth consumption via a "ping" style packet to the Resolution Service UDP port 1434 with a spoofed IP address of another SQL Server system, which causes the two servers to exchange...
Microsoft SQL Server 2000 Vulnerabilities in Cisco Products - MS02-061
...
Microsoft SQL Server Detection (credentialed check)
Nessus has detected one or more installs of Microsoft SQL server by examining the registry and file systems on the remote host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description scriptid11217; scriptversion"1.157";...
MS SQL Worm Mitigation Recommendations
...
MS02-061: Microsoft SQL Server Multiple Vulnerabilities (uncredentialed check)
The remote MS SQL server is affected by several overflows that could be exploited by an attacker to gain SYSTEM access on that host. Note that a worm sapphire is exploiting these vulnerabilities in the wild. C Tenable Network Security, Inc. ping code taken from mssqlping by H D Moore MS02-061...
CVE-2002-1872
Microsoft SQL Server 6.0 through 2000, with SQL Authentication enabled, uses weak password encryption XOR, which allows remote attackers to sniff and decrypt the password...
CVE-2002-1981
Microsoft SQL Server 2000 through SQL Server 2000 SP2 allows the "public" role to execute the 1 spMSSetServerProperties or 2 spMSsetalertinfo stored procedures, which allows attackers to modify configuration including SQL server startup and alert settings...
PT-2002-2594 · Microsoft · Sql Server
Name of the Vulnerable Software and Affected Versions: Microsoft SQL Server versions 6.0 through 2000 Description: The issue allows remote attackers to sniff and decrypt passwords due to the use of weak password encryption XOR when SQL Authentication is enabled. Recommendations: For Microsoft SQL...
CVE-2002-1145
The xprunwebtask stored procedure in the Web Tasks component of Microsoft SQL Server 7.0 and 2000, Microsoft Data Engine MSDE 1.0, and Microsoft Desktop Engine MSDE 2000 can be executed by PUBLIC, which allows an attacker to gain privileges by updating a webtask that is owned by the database owne...
CVE-2002-1145
The xprunwebtask stored procedure in the Web Tasks component of Microsoft SQL Server 7.0 and 2000, Microsoft Data Engine MSDE 1.0, and Microsoft Desktop Engine MSDE 2000 can be executed by PUBLIC, which allows an attacker to gain privileges by updating a webtask that is owned by the database owne...
Microsoft SQL Server Webtasks privilege upgrade (#NISR17102002)
NGSSoftware Insight Security Research Advisory Name: Microsoft SQL Server Webtasks privilege elevation Systems: Microsoft SQL Server 2000 and 7 Severity: High Risk Vendor URL: http://www.microsoft.com/ Author: David Litchfield [email protected] Advisory URL:...