Multiple Vulnerabilities in Microsoft SQL Server 2000 and 7.0 - 02 Jan 2002

Reported December 20, 2001, by @Stake.



  • Microsoft SQL Server 2000

  • Microsoft SQL Server 7.0 


Multiple vulnerabilities exist in Microsoft SQL Server 2000 and 7.0. The first vulnerability is a result of several functions that let the SQL database generate text messages. These functions do not adequately verify that the text fits into the allocated buffer space, so a buffer overrun can result in the service's security context.


The second vulnerability results from a format string error in the C runtime functions that SQL Server calls when the software is installed on Windows XP, Windows 2000, and Windows NT 4.0 systems. An attacker can use this vulnerability to cause a Denial of Service (DoS) condition. Users can learn specific details about these vulnerabilities on the discoverer’s Web site.
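Both bug classes described above come down to how message text is built, so here is an added C example (not Microsoft's or @Stake's code) showing the defensive pattern. The `build_message` helper, its return codes, and the sample values are hypothetical: it bounds every copy into the output buffer and never lets supplied text be interpreted as format directives.

```c
#include <stdio.h>
#include <string.h>

/* Added example (constructed): expand a message template into a fixed buffer.
 * Only "%s" and "%%" are accepted, so text can never act as a printf format
 * string, and every copy is checked against the space that remains.
 * Returns the message length, -1 if the text does not fit, -2 if the
 * template is malformed or needs more arguments than were supplied. */
int build_message(char *out, size_t cap, const char *tmpl,
                  const char *const *args, size_t nargs)
{
    size_t used = 0, next = 0;

    if (out == NULL || cap == 0 || tmpl == NULL)
        return -2;
    out[0] = '\0';
    for (const char *p = tmpl; *p != '\0'; p++) {
        const char *piece = p;          /* default: one literal byte */
        size_t len = 1;

        if (*p == '%') {
            p++;
            if (*p == 's' && args != NULL && next < nargs && args[next] != NULL) {
                piece = args[next++];   /* argument is copied as data only */
                len = strlen(piece);
            } else if (*p == '%') {
                piece = p;              /* "%%" emits one literal percent */
            } else {
                out[0] = '\0';
                return -2;              /* %n, %x, trailing '%', missing arg */
            }
        }
        if (len > cap - 1 - used) {     /* keep one byte for the terminator */
            out[0] = '\0';
            return -1;
        }
        memcpy(out + used, piece, len);
        used += len;
    }
    out[used] = '\0';
    return (int)used;
}

int main(void)
{
    char buf[16];
    const char *args[] = { "master" };  /* constructed sample value */
    int n = build_message(buf, sizeof buf, "db=%s 100%%", args, 1);
    printf("%d %s\n", n, buf);
    return 0;
}
```

An oversized argument or an unexpected conversion specifier produces an error code and an empty buffer instead of a truncated or partially formatted message.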



The vendor, Microsoft, has released Security Bulletin MS01-060 to address these vulnerabilities and recommends that affected users immediately apply the patches provided with the bulletin. Microsoft cautions users about the risk of applying the C runtime patch—if a regression error were to result from applying the patch, the results might be widespread and damaging.


Discovered by Chris Anley and Chris Wysopal of @Stake.
