Prince_Serendip
October 8th, 2002, 03:33 AM
Multiple Microsoft SQL Server Vulnerabilities
Risk
High
Date Discovered
10-02-2002
Description
Microsoft has released a security bulletin reporting multiple vulnerabilities in Microsoft SQL Server.
The first of these issues is a buffer overflow in SQL Server user authentication. It is possible to corrupt memory with a malformed login request. This may enable an attacker to execute arbitrary code with the privileges of the SQL Server process. Malformed login requests may also cause a denial of service. It is possible to trigger this condition prior to authenticating with the server. This issue affects Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000.
Read more..... (http://securityresponse.symantec.com/avcenter/security/Content/5868.html)
Risk
High
Date Discovered
10-02-2002
Description
Microsoft has released a security bulletin reporting multiple vulnerabilities in Microsoft SQL Server.
The first of these issues is a buffer overflow in SQL Server user authentication. It is possible to corrupt memory with a malformed login request. This may enable an attacker to execute arbitrary code with the privileges of the SQL Server process. Malformed login requests may also cause a denial of service. It is possible to trigger this condition prior to authenticating with the server. This issue affects Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000.
Read more..... (http://securityresponse.symantec.com/avcenter/security/Content/5868.html)