Skip navigation
Menu
Data Analytics and Data Management>SQL

Unchecked Buffer in Microsoft SQL Server 2000 and 7.0

Reported February 20, 2002, by Microsoft.

VERSIONS AFFECTED

 

  • Microsoft SQL Server 2000

  • Microsoft SQL Server 7.0

 

DESCRIPTION
An unchecked buffer in the handling of OLE database provider names used in ad hoc connections exists in Microsoft SQL Server 2000 and 7.0. Depending upon the server’s configuration, the unchecked buffer can lead to a buffer overrun condition and remote compromise of the vulnerable server.

 

VENDOR RESPONSE

The vendor, Microsoft, has released Security Bulletin MS02-007, which addresses this vulnerability, and recommends that affected users see Microsoft article "FIX: Unchecked Buffer May Occur When You Connect to Remote Data Source" to immediately apply the appropriate patch.

 

CREDIT
Discovered by Cesar Cerrudo.

TAGS: Security
Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
digital world map on warehouse background
How To Build an International Shipping Software System
Jan 30, 2024
PowerShell Analytics header.jpg
Interactive Data Analytics With PowerShell, SQL, and ChatGPT (Sample Script)
Sep 19, 2023
blue gears
How To Filter SQL Server Data in Windows PowerShell
Sep 15, 2023
PowerShell Chart hero.jpg
How To Visualize SQL Server Data in PowerShell (With Sample Script)
Sep 11, 2023