4418 matches found
CVE-2000-1085
The xppeekqueue function in Microsoft SQL Server 2000 and SQL Server Desktop Engine MSDE does not properly restrict the length of a buffer before calling the srvparaminfo function in the SQL Server API for Extended Stored Procedures XP, which allows an attacker to cause a denial of service or...
CVE-2000-1086
The CVE-2000-1086 entry affects Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE). The vulnerability lies in the xp_printstatements function, which fails to properly restrict the length of a buffer before calling srv_paraminfo in the SQL Server API for Extended Stored Procedures (XP)...
CVE-2000-1085
The vulnerability CVE-2000-1085 affects Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE). It concerns the xp_peekqueue function, where the length of a buffer is not properly restricted before invoking srv_paraminfo in the SQL Server API for Extended Stored Procedures (XP). This coul...
CVE-2000-1087
The CVE-2000-1087 vulnerability affects Microsoft SQL Server 2000 and MSDE, where the xp_proxiedmetadata function fails to properly restrict buffer length before invoking srv_paraminfo in the Extended Stored Procedures API. This can allow a local attacker to cause a denial of service or execute a...
CVE-2000-1087
The xpproxiedmetadata function in Microsoft SQL Server 2000 and SQL Server Desktop Engine MSDE does not properly restrict the length of a buffer before calling the srvparaminfo function in the SQL Server API for Extended Stored Procedures XP, which allows an attacker to cause a denial of service ...
CVE-2000-1082
The OpenVAS entry confirms CVE-2000-1082 affects Microsoft SQL Server and MSDE via the Extended Stored Procedures interface. The issue is in xp_enumresultset, where the function does not properly restrict the length of a buffer before calling srv_paraminfo, enabling denial of service or arbitrary...
CVE-2000-1088
CVE-2000-1088 affects Microsoft SQL Server 2000 and MSDE via the Extended Stored Procedures API. The vulnerability lies in xp_SetSQLSecurity not properly restricting the buffer length before calling srv_paraminfo, enabling a attacker to cause a denial of service or execute arbitrary commands. The...
CVE-2000-1084
The CVE-2000-1084 issue affects Microsoft SQL Server and SQL Server Desktop Engine (MSDE) via Extended Stored Procedures. The vulnerable component is xp_updatecolvbm, which does not properly restrict buffer length before calling srv_paraminfo in the XP API, enabling a potential denial of service ...
CVE-2000-1088
The xpSetSQLSecurity function in Microsoft SQL Server 2000 and SQL Server Desktop Engine MSDE does not properly restrict the length of a buffer before calling the srvparaminfo function in the SQL Server API for Extended Stored Procedures XP, which allows an attacker to cause a denial of service o...
CVE-2000-1082
The xpenumresultset function in SQL Server and Microsoft SQL Server Desktop Engine MSDE does not properly restrict the length of a buffer before calling the srvparaminfo function in the SQL Server API for Extended Stored Procedures XP, which allows an attacker to cause a denial of service or...
CVE-2000-1083
The CVE describes a buffer-length validation flaw in xp_showcolv within SQL Server and MSDE’s Extended Stored Procedures. The xp_showcolv path can overrun a buffer before srv_paraminfo is invoked, enabling denial of service or arbitrary command execution. Affected products are SQL Server and MSDE...
@stake Advisory: Microsoft SQL Server extended stored procedure vulnerability (A120100-1)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake Inc. www.atstake.com Security Advisory Advisory Name: Microsoft SQL Server extended stored procedure vulnerability Release Date: 12/01/2000 Application: MS SQL Server 7.0 - all service packs MS SQL Server 2000 Platform: Windows NT 4.0 / 2000...
Security Bulletin MS00-092
The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an unattended mailbox. -----BEGIN PGP SIGNED MESSAGE----- - ------------------------------------------------------------ Issue: Buffer overrun...
Дырка в SQL Server (Extended Stored Procedures)
Переполнение буфера в нескольких общщедоступных хранимых процедурах позволяет выполнение кода...
Microsoft SQL Server 7.0/2000 / Data Engine 1.0/2000 - xp_showcolv Buffer Overflow
// source: https://www.securityfocus.com/bid/2038/info The API Srvparaminfo, which is implemented by Extended Stored Procedures XPs in Microsoft SQL Server and Data Engine, is susceptible to a buffer overflow vulnerability which may cause the application to fail or arbitrary code to be executed o...
Microsoft SQL Server 7.0/2000 / Data Engine 1.0/2000 - xp_displayparamstmt Buffer Overflow
// source: https://www.securityfocus.com/bid/2030/info The API Srvparaminfo, which is implemented by Extended Stored Procedures XPs in Microsoft SQL Server and Data Engine, is susceptible to a buffer overflow vulnerability which may cause the application to fail or arbitrary code to be executed o...
Microsoft SQL Server 7.02000 Data Engine 1.02000 - xp_showcolv Buffer Overflow
Microsoft SQL Server 7.02000 Data Engine 1.02000 - xpshowcolv Buffer Overflow // source: https://www.securityfocus.com/bid/2038/info The API Srvparaminfo, which is implemented by Extended Stored Procedures XPs in Microsoft SQL Server and Data Engine, is susceptible to a buffer overflow...
Microsoft SQL Server 7.0/2000 / Data Engine 1.0/2000 - xp_peekqueue Buffer Overflow
// source: https://www.securityfocus.com/bid/2040/info The API Srvparaminfo, which is implemented by Extended Stored Procedures XPs in Microsoft SQL Server and Data Engine, is susceptible to a buffer overflow vulnerability which may cause the application to fail or arbitrary code to be executed o...
Microsoft SQL Server 7.02000 Data Engine 1.02000 - xp_peekqueue Buffer Overflow
Microsoft SQL Server 7.02000 Data Engine 1.02000 - xppeekqueue Buffer Overflow // source: https://www.securityfocus.com/bid/2040/info The API Srvparaminfo, which is implemented by Extended Stored Procedures XPs in Microsoft SQL Server and Data Engine, is susceptible to a buffer overflow...
Microsoft SQL Server 7.02000 Data Engine 1.02000 - xp_displayparamstmt Buffer Overflow
Microsoft SQL Server 7.02000 Data Engine 1.02000 - xpdisplayparamstmt Buffer Overflow // source: https://www.securityfocus.com/bid/2030/info The API Srvparaminfo, which is implemented by Extended Stored Procedures XPs in Microsoft SQL Server and Data Engine, is susceptible to a buffer overflow...