4418 matches found
CVE-2000-0199
When a new SQL Server is registered in Enterprise Manager for Microsoft SQL Server 7.0 and the "Always prompt for login name and password" option is not set, then the Enterprise Manager uses weak encryption to store the login ID and password...
CVE-2000-0202
Microsoft SQL Server 7.0 and Microsoft Data Engine MSDE 1.0 allow remote attackers to gain privileges via a malformed Select statement in an SQL query...
MS99-059: Microsoft SQL Server Crafted TCP Packet Remote DoS (uncredentialed check)
The remote Microsoft SQL server can be shut down when it is sent a TCP packet containing more than 2 NULLs. An attacker may use this problem to prevent it from being used by legitimate clients, thus threatening your business. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
Microsoft SQL Server 7.07.0 SP1 - NULL Data Denial of Service
Microsoft SQL Server 7.07.0 SP1 - NULL Data Denial of Service // source: https://www.securityfocus.com/bid/817/info If Microsoft SQL Server 7.0 receives a TDS header with three or more NULL bytes as data it will crash. The crash will generate an event in the log with ID 17055 "fatal exception...
Microsoft SQL Server 7.0/7.0 SP1 - NULL Data Denial of Service
// source: https://www.securityfocus.com/bid/817/info If Microsoft SQL Server 7.0 receives a TDS header with three or more NULL bytes as data it will crash. The crash will generate an event in the log with ID 17055 "fatal exception EXCEPTIONACCESS VIOLATION". / sqldos.c -- a DoS attack agains MS...
Microsoft SQL Server TCP/IP Listener Detection
The remote host is running MSSQL, a database server from Microsoft. It is possible to extract the version number of the remote installation from the server pre-login response. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10144; scriptversion"1.62";...
ms.sql.enterprise.manager.txt
Date: Thu, 4 Mar 1999 19:52:15 -0500 From: [email protected] To: [email protected] I've come across an issue regarding Microsoft SQL Server 6.0 and 6.5. SQL Server has a management tool called SQL Explorer used to manage the server. If your SQL Server is set to use normal...
CVE-1999-1556
Microsoft SQL Server 6.5 uses weak encryption for the password for the SQLExecutiveCmdExec account and stores it in an accessible portion of the registry, which could allow local users to gain privileges by reading and decrypting the CmdExecAccount value...
SQL Server 2014 Service Pack 1 Cumulative Update (CU) 9 KB3186964
SQL Server 2014 Service Pack 1 Cumulative Update CU 9 KB3186964...
SQL Server 2022 RTM Cumulative Update (CU) 24 KB5080999
SQL Server 2022 RTM Cumulative Update CU 24 KB5080999...
SQL Server 2017 RTM Cumulative Update (CU) 28 KB5008084
SQL Server 2017 RTM Cumulative Update CU 28 KB5008084...
SQL Server 2017 RTM Cumulative Update (CU) 4 KB4056498
SQL Server 2017 RTM Cumulative Update CU 4 KB4056498...
SQL Server 2019 RTM Cumulative Update (CU) 17 KB5016394
SQL Server 2019 RTM Cumulative Update CU 17 KB5016394...
SQL Server 2025 RTM Cumulative Update (CU) 2 KB5075211
SQL Server 2025 RTM Cumulative Update CU 2 KB5075211...
SQL Server 2012 Service Pack 1 Setup Update (KB2674319)
SQL Server 2012 Service Pack 1 Setup Update KB2674319...
Microsoft SQL Server 2012 SP2 Cumulative Update (CU) 10 KB3120313
Microsoft SQL Server 2012 SP2 Cumulative Update CU 10 KB3120313...
Critical Update for SQL Server 2000 Desktop Engine (Windows) on Windows Server 2003 (KB829358)
Critical Update for SQL Server 2000 Desktop Engine Windows on Windows Server 2003 KB829358...
SQL Server 2016 Service Pack 1 Cumulative Update (CU) 1 KB3208177
SQL Server 2016 Service Pack 1 Cumulative Update CU 1 KB3208177...
SQL Server 2022 RTM Cumulative Update (CU) 21 KB5065865
SQL Server 2022 RTM Cumulative Update CU 21 KB5065865...
SQL Server 2022 RTM Cumulative Update (CU) 2 KB5023127
SQL Server 2022 RTM Cumulative Update CU 2 KB5023127...