107 matches found
More DBCC overruns SQL SERVER 2000
To complement http://online.securityfocus.com/archive/1/284382/2002-07-20/2002-07-26/0 there also exist another two buffer overruns. Although not documented on MS they are fixed in http://download.microsoft.com/download/SQLSVR2000/Patch/8.00.0667/W98NT4 2KMeXP/EN-US/8.00.0667enu.exe 1 DBCC...
sql2kx2.txt
!/usr/local/bin/perl ----------------------------------------------------------- Exploit will create file '\scansql2kbo2.' SQL Server 2000 'Hello Bug' for Win2kSP2 by [email protected] & spoonfork Bug found by Dave Aitel http://online.securityfocus.com/archive/1/286311/2002-08-02/2002-08-08/...
CVE-2000-1209
The "sa" account is installed with a default null password on (1) Microsoft SQL Server 2000, (2) SQL Server 7.0, and (3) Data Engine (MSDE) 1.0, including third party packages that use these products such as (4) Tumbleweed Secure Mail (MMS), (5) Compaq Insight Manager, and (6) Visio 2000, which allows remote...
CVE-2002-0645
Technical details for CVE-2002-0645 are not publicly provided in the connected documents; the available sources reference the vulnerability at a high level. Monitor for updates from official advisories.
SQL Server 2000 Buffer Overflows and SQL Injection vulnerabilities.
Security Advisory Name: SQL Server 2000 Buffer Overflows and SQL Injection vulnerabilities. System Affected: SQL Server 2000 all Service Packs. Severity: High. Author: Cesar Cerrudo. Date: 07/25/2002 Advisory Number: CC070205 Overview: Database Consistency Checkers (DBCCs) are command console...
Microsoft SQL Server 2000 - Resolution Service Heap Overflow
Microsoft SQL Server 2000 - Resolution Service Heap Overflow source: https://www.securityfocus.com/bid/5310/info A vulnerability in Microsoft SQL Server 2000 could allow remote attackers to access target hosts. A problem in the SQL Server Resolution Service allows a remote attacker to execute...
Security Bulletin MS02-038: Cumulative Patch for SQL Server 2000 Service Pack 2 (Q316333)
Title: Cumulative Patch for SQL Server 2000 Service Pack 2 (Q316333) Date: 24 July 2002 Software: Microsoft SQL Server 2000, Microsoft Desktop Engine (MSDE) 2000 Impact: Two vulnerabilities, bo...
Microsoft SQL Server 2000 - sp_MScopyscript SQL Injection
Microsoft SQL Server 2000 - sp_MScopyscript SQL Injection source: https://www.securityfocus.com/bid/5309/info The Microsoft SQL Server 2000 sp_MScopyscript stored procedure does not sufficiently validate input before passing it to the xp_cmdshell extended stored procedure. An attacker with the abili...
Microsoft SQL Server 2000 Unauthenticated System Compromise (#NISR25072002)
NGSSoftware Insight Security Research Advisory Name: Unauthenticated Remote Compromise in MS SQL Server 2000 Systems: Microsoft SQL Server 2000, all Service Packs Severity: Critical/Very High Risk. Category: Remote Buffer Overrun Vulnerability Vendor URL: http://www.microsoft.com/ Author: David...
Microsoft SQL Server 2000 - Resolution Service Heap Overflow
source: https://www.securityfocus.com/bid/5310/info A vulnerability in Microsoft SQL Server 2000 could allow remote attackers to access target hosts. A problem in the SQL Server Resolution Service allows a remote attacker to execute arbitrary code on a vulnerable host. The attacker could exploit ...
Security Bulletin MS02-039: Buffer Overruns in SQL Server 2000 Resolution Service Could Enable Code Execution (Q323875)
Title: Buffer Overruns in SQL Server 2000 Resolution Service Could Enable Code Execution (Q323875) Date: 24 July 2002 Software: SQL Server 2000 Impact: Three vulnerabilities, the most serious of which could enable an attacker to...
Microsoft SQL Server 2000 - Database Consistency Checkers Buffer Overflow
source: https://www.securityfocus.com/bid/5307/info Microsoft SQL Server 2000 includes utilities called Database Consistency Checkers (DBCC). Several of these programs contain identical buffer overflows that, when exploited, could allow an attacker to execute arbitrary code with the privilege level...
CVE-2002-0642
The registry key containing the SQL Server service account information in Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, has insecure permissions, which allows local users to gain privileges, aka "Incorrect Permission on SQL Server Service Account Registry Key...
CVE-2002-0643
The installation of Microsoft Data Engine 1.0 (MSDE 1.0), and Microsoft SQL Server 2000 creates setup.iss files with insecure permissions and does not delete them after installation, which allows local users to obtain sensitive data, including weakly encrypted passwords, to gain privileges, aka "SQ...
CVE-2002-0641
Buffer overflow in bulk insert procedure of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows attackers with database administration privileges to execute arbitrary code via a long filename in the BULK INSERT query...
CVE-2002-0643
The CVE-2002-0643 issue concerns Microsoft Data Engine 1.0 (MSDE 1.0) and Microsoft SQL Server 2000: the installation creates setup.iss files with insecure permissions and does not delete them after installation, enabling local users to access sensitive data such as the sa password and potentiall...
Security Bulletin MS02-034: Cumulative Patch for SQL Server (Q316333)
Title: Cumulative Patch for SQL Server (Q316333) Date: 10 July 2002 Software: SQL Server 2000 Impact: Elevation of privilege Max Risk: Moderate Bulletin: MS02-034 Microsoft encourages custome...
Microsoft SQL Server 2000 OpenDataSource Buffer Overflow (#NISR19062002)
NGSSoftware Insight Security Research Advisory Name: OpenDataSource Buffer Overflow Systems: Microsoft SQL Server 2000, all Service Packs Severity: High Risk Category: Remote Buffer Overrun Vulnerability Vendor URL: http://www.microsoft.com/ Author: Mark Litchfield [email protected] Contributo...
Microsoft SQL Server 2000 Microsoft Jet 4.0 Engine - Unicode Buffer Overflow (PoC)
Microsoft SQL Server 2000 Microsoft Jet 4.0 Engine - Unicode Buffer Overflow PoC source: https://www.securityfocus.com/bid/5057/info Microsoft SQL Server is prone to a remotely exploitable unicode-based buffer overflow condition. This condition occurs when the OpenDataSource function is used with...
Microsoft SQL Server 2000 pwdencrypt() buffer overflow
Microsoft SQL Server 2000 up to SP2 suffers from a buffer/heap overflow in the built-in hashing function pwdencrypt(). Sample code shown below crashes SQL Server service and may lead to arbitrary code execution: SELECT pwdencrypt(REPLICATE('A',353)) On some systems it may require a larger amount of characters t...