PT-2002-2125 · Microsoft · Sql Server 2000+1

Published

2002-09-24

Updated

2018-10-12

CVE-2002-1123

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Microsoft SQL Server 2000 Microsoft Desktop Engine (MSDE) 2000

Description: A buffer overflow issue exists in the authentication function, allowing remote attackers to execute arbitrary code by sending a long request to TCP port 1433.

Recommendations: For Microsoft SQL Server 2000, apply the available patch to fix the buffer overflow issue. For Microsoft Desktop Engine (MSDE) 2000, apply the available patch to fix the buffer overflow issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-1123

Affected Products

Desktop Engine (Msde) 2000

Sql Server 2000

PT-2002-2125 · Microsoft · Sql Server 2000+1

CVE-2002-1123

Related Identifiers

Affected Products

References · 10