 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.11067 |
| Category: | Databases |
| Title: | Microsoft SQL Server (MSSQL) Hello Overflow Vulnerability (Q316333) - Active Check |
| Summary: | Microsoft SQL Server (MSSQL) is prone to a hello overflow; vulnerability. |
| Description: | Summary: Microsoft SQL Server (MSSQL) is prone to a hello overflow vulnerability. Vulnerability Impact: An attacker may use this flaw to execute commands against the remote host as LOCAL/SYSTEM, as well as read your database content. Solution: Install Microsoft Patch Q316333 or disable the Microsoft SQL Server service or use a firewall to protect the MS SQL port (1433). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2002-1123 BugTraq ID: 5411 http://www.securityfocus.com/bid/5411 Bugtraq: 20020806 SPIKE 2.5 and associated vulns (Google Search) http://online.securityfocus.com/archive/1/286220 Bugtraq: 20020807 MS SQL Server Hello Overflow NASL script (Google Search) http://marc.info/?l=bugtraq&m=102873609025020&w=2 Computer Incident Advisory Center Bulletin: N-003 http://www.ciac.org/ciac/bulletins/n-003.shtml Cisco Security Advisory: Microsoft SQL Server 2000 Vulnerabilities in Cisco Products - MS02-061 Microsoft Security Bulletin: MS02-056 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-056 http://www.iss.net/security_center/static/9788.php |
| Copyright | Copyright (C) 2002 Dave Aitel |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |