Buffer Overrun in Microsoft SQL Server 2000 Utilities - 01 Aug 2002

Cesar Cerrudo discovered two vulnerabilities in Microsoft SQL Server 2000 and Microsoft SQL Server Desktop Engine (MSDE) 2000. The vulnerabilities are related to a buffer overrun and SQL injection. Microsoft released Security Bulletin MS02-038 (Unchecked Buffer in SQL Server 2000 Utilities Could Allow Code Execution) to address these vulnerabilities and recommends that affected users download and apply the appropriate patch mentioned in the bulletin.


Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.