PT-2002-1672 · Microsoft · Sql Server Desktop Engine (Msde) 2000+1

Published

2002-07-12

Updated

2018-10-12

CVE-2002-0624

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Microsoft SQL Server 2000 versions Microsoft SQL Server Desktop Engine (MSDE) 2000 versions

Description A buffer overflow issue exists in the password encryption function, allowing remote attackers to gain control of the database and execute arbitrary code via SQL Server Authentication.

Recommendations For Microsoft SQL Server 2000, apply the necessary patch to fix the buffer overflow issue in the password encryption function. For Microsoft SQL Server Desktop Engine (MSDE) 2000, apply the necessary patch to fix the buffer overflow issue in the password encryption function.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-0624

Affected Products

Sql Server 2000

Sql Server Desktop Engine (Msde) 2000

PT-2002-1672 · Microsoft · Sql Server Desktop Engine (Msde) 2000+1

CVE-2002-0624

Related Identifiers

Affected Products

References · 5