Microsoft SQL Server 2000 - Password Encrypt procedure Buffer Overflow

Microsoft SQL Server 2000 - Password Encrypt procedure Buffer Overflow source: https://www.securityfocus.com/bid/5014/info A buffer overflow vulnerability has been reported in SQL Server 2000. The vunerability is a result of an unchecked buffer when using the password encrypt procedure. This...

Microsoft SQL Server 2000 - Password Encrypt procedure Buffer Overflow

source: https://www.securityfocus.com/bid/5014/info A buffer overflow vulnerability has been reported in SQL Server 2000. The vunerability is a result of an unchecked buffer when using the password encrypt procedure. This procedure is used by administrators to provides support for the storage of...

Microsoft SQL Server 2000 - SQLXML Script Injection

Microsoft SQL Server 2000 - SQLXML Script Injection source: https://www.securityfocus.com/bid/5005/info SQLXML is a component of SQL Server 2000, which enables SQL servers to receive and send database queries via XML Extensible Markup Language format. Such queries can be sent using various method...

Microsoft SQL Server 2000 - SQLXML Buffer Overflow (PoC)

Microsoft SQL Server 2000 - SQLXML Buffer Overflow PoC source: https://www.securityfocus.com/bid/5004/info SQLXML is a component of SQL Server 2000, which enables SQL servers to receive and send database queries via XML Extensible Markup Language format. Such queries can be sent using various...

Microsoft SQL Server 2000 - 'SQLXML' Buffer Overflow (PoC)

source: https://www.securityfocus.com/bid/5004/info SQLXML is a component of SQL Server 2000, which enables SQL servers to receive and send database queries via XML Extensible Markup Language format. Such queries can be sent using various methods of communication, one of which is via HTTP. SQLXML...

Microsoft SQL Server 2000 - SQLXML Script Injection

source: https://www.securityfocus.com/bid/5005/info SQLXML is a component of SQL Server 2000, which enables SQL servers to receive and send database queries via XML Extensible Markup Language format. Such queries can be sent using various methods of communication, one of which is via HTTP. SQLXML...

Many, many, many Sql Server 7 & 2000 Buffer Overflows

Security Advisory Name : Many, many, many Sql Server 7 & 2000 Buffer Overflows System Affected : Sql Server 7 & 2000 all service packs and fixes. Severity : High. Remote Exploit: Yes Author: Cesar Cerrudo. Date: 03/12/2002 Advisory Number: CC030203 Description : Well people it's the same old...

CVE-2001-0879

CVE-2001-0879 describes a format-string vulnerability in the C runtime functions used by Microsoft SQL Server 7.0 and 2000. The underlying issue is a format string handling flaw in the C runtime, which can allow an attacker to trigger a denial of service. The available connected documents confirm...

CVE-2002-0056

CVE-2002-0056 concerns Microsoft SQL Server 7.0 and 2000, where a buffer overflow is triggered by a long OLE DB provider name used with OpenDataSource or OpenRowset in an ad hoc connection. The resulting issue can allow an attacker to execute arbitrary code with the SQL Server service account’s p...

CVE-2001-0542

CVE-2001-0542 describes buffer/format-string vulnerabilities in Microsoft SQL Server 7.0 and 2000. The issues affect the built-in formatting functions raiserror, formatmessage, and xp_sprintf, allowing an attacker with SQL Server access to execute arbitrary code or potentially cause a denial of s...

CVE-2001-0879

Format string vulnerability in the C runtime functions in SQL Server 7.0 and 2000 allows attackers to cause a denial of service...

CVE-2001-0344

CVE-2001-0344 describes a privilege-escalation vulnerability in Microsoft SQL Server 2000 Gold and SQL Server 7.0 when running in Mixed Mode. An attacker with local database access could exploit reusing a cached sa administrator connection to gain privileges. The Initial Description states the vu...

CVE-2000-1087

The CVE-2000-1087 vulnerability affects Microsoft SQL Server 2000 and MSDE, where the xp_proxiedmetadata function fails to properly restrict buffer length before invoking srv_paraminfo in the Extended Stored Procedures API. This can allow a local attacker to cause a denial of service or execute a...

CVE-2000-1086

The CVE-2000-1086 entry affects Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE). The vulnerability lies in the xp_printstatements function, which fails to properly restrict the length of a buffer before calling srv_paraminfo in the SQL Server API for Extended Stored Procedures (XP)...

CVE-2000-1085

The vulnerability CVE-2000-1085 affects Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE). It concerns the xp_peekqueue function, where the length of a buffer is not properly restricted before invoking srv_paraminfo in the SQL Server API for Extended Stored Procedures (XP). This coul...

CVE-2000-1088

CVE-2000-1088 affects Microsoft SQL Server 2000 and MSDE via the Extended Stored Procedures API. The vulnerability lies in xp_SetSQLSecurity not properly restricting the buffer length before calling srv_paraminfo, enabling a attacker to cause a denial of service or execute arbitrary commands. The...

Critical Update for SQL Server 2000 Desktop Engine (Windows) on Windows Server 2003 (KB829358)

Critical Update for SQL Server 2000 Desktop Engine Windows on Windows Server 2003 KB829358...

Update for SQL Server 2000 Desktop Engine (SharePoint) on Windows Server 2003 (KB909544)

Update for SQL Server 2000 Desktop Engine SharePoint on Windows Server 2003 KB909544...

Security Update for SQL Server 2000 Service Pack 4 Failover Clustering (KB960082)

A security issue has been identified in the SQL Server 2000 Service Pack 4 that could allow an attacker to compromise your system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your comput...

Security Update for SQL Server 2000 Service Pack 4 (KB983811)

A security issue has been identified in the SQL Server 2000 Service Pack 4 that could allow an attacker to compromise your system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your comput...