Test ID: 1.3.6.1.4.1.25623.1.0.800105
Category: Windows : Microsoft Bulletins
Title: Microsoft SQL Server Elevation of Privilege Vulnerabilities (941203)
Summary: This host has Microsoft SQL Server, which is prone to privilege escalation vulnerabilities.
Description: Summary:
This host has Microsoft SQL Server, which is prone to privilege escalation vulnerabilities.

Vulnerability Insight:
The flaws are due to:

- an error when initializing memory pages while reallocating memory.

- a buffer overflow error in the convert function while handling malformed input strings.

- a memory corruption error while handling malformed data structures in on-disk files.

- a buffer overflow error while processing malformed insert statements.

Vulnerability Impact:
Successful exploitation allows remote attackers to execute arbitrary code
with a crafted SQL expression, and may result in exposure of sensitive
information or privilege escalation.

Affected Software/OS:
- Microsoft SQL Server 2000 Service Pack 4

- Microsoft SQL Server 2005 Service Pack 2

- Microsoft SQL Server 2005 Edition Service Pack 2

- Microsoft SQL Server 2005 Express Edition Service Pack 2

- Microsoft SQL Server 2005 Express Edition with Advanced Services Service Pack 2

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.0

CVSS Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C

Cross-Reference: Common Vulnerability Exposure (CVE) ID: CVE-2008-0085
Bugtraq: 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
http://www.securityfocus.com/archive/1/516397/100/0/threaded
Cert/CC Advisory: TA08-190A
http://www.us-cert.gov/cas/techalerts/TA08-190A.html
Microsoft Security Bulletin: MS08-040
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-040
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14213
http://www.securitytracker.com/id?1020441
http://secunia.com/advisories/30970
http://www.vupen.com/english/advisories/2008/2022/references
Common Vulnerability Exposure (CVE) ID: CVE-2008-0086
Bugtraq: 20080708 Re: [Full-disclosure] iDefense Security Advisory 07.08.08: Microsoft SQL Server Restore Integer Underflow Vulnerability
http://www.securityfocus.com/archive/1/494082/100/0/threaded
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14052
Common Vulnerability Exposure (CVE) ID: CVE-2008-0106
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13785
Common Vulnerability Exposure (CVE) ID: CVE-2008-0107
BugTraq ID: 30119
http://www.securityfocus.com/bid/30119
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=723
http://www.insomniasec.com/advisories/ISVA-080709.1.htm
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13936
Copyright: Copyright (C) 2008 Greenbone AG

© 1998-2025 E-Soft Inc. All rights reserved.