PT-2002-1672 · Microsoft · Sql Server Desktop Engine (Msde) 2000+1

Publicado

2002-07-12

Atualizado

2018-10-12

CVE-2002-0624

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Microsoft SQL Server 2000 versions Microsoft SQL Server Desktop Engine (MSDE) 2000 versions

Description A buffer overflow issue exists in the password encryption function, allowing remote attackers to gain control of the database and execute arbitrary code via SQL Server Authentication.

Recommendations For Microsoft SQL Server 2000, apply the necessary patch to fix the buffer overflow issue in the password encryption function. For Microsoft SQL Server Desktop Engine (MSDE) 2000, apply the necessary patch to fix the buffer overflow issue in the password encryption function.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2002-0624

Produtos afetados

Sql Server 2000

Sql Server Desktop Engine (Msde) 2000

PT-2002-1672 · Microsoft · Sql Server Desktop Engine (Msde) 2000+1

CVE-2002-0624

Identificadores relacionados

Produtos afetados

Referências · 5