Reported July 11, 2002, by
Microsoft.
VERSIONS AFFECTED
·
Microsoft SQL Server 2000, all editions
·
Microsoft SQL Server Desktop Engine (MSDE) 2000
DESCRIPTION
Multiple vulnerabilities exist in
SQL Server 2000 and MSDE 2000, the most severe of which can lead to remote
compromise of the vulnerable server. These vulnerabilities are
·
A buffer overrun vulnerability in a procedure that SQL
Server uses to encrypt credential information. An attacker who successfully
exploits this vulnerability can gain control over the database and possibly the
server, depending on SQL Server's account privileges.
·
A buffer overrun vulnerability in a procedure relating to
the bulk insertion of data in SQL Server’s tables. An attacker who
successfully exploits this vulnerability can gain control over the database and
possibly the server.
·
A privilege elevation vulnerability that results because of
incorrect permissions on the registry key that stores the SQL Server service
account information. An attacker who successfully exploits this vulnerability
can gain greater privileges on the system than the systems administrator has.
VENDOR RESPONSE
The
vendor, Microsoft, has released Security
Bulletin MS02-034
(Cumulative Patch for SQL Server) to address this vulnerability and recommends
that affected users download and apply the appropriate patch mentioned in the
bulletin. These patches are cumulative and address all previously discovered
vulnerabilities in the affected product.
CREDIT
Discovered by Cesar
Cerrudo and Mark Litchfield
of Next Generation Security Software.
Multiple Vulnerabilities in Microsoft SQL Server 2000 and MSDE
0 comments
Hide comments