Vulnerabilities > CVE-2000-1088 - Buffer Overflow vulnerability in Microsoft Data Engine and SQL Server

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

microsoft

NVD

Published: 2001-01-09

Updated: 2018-10-12

Summary

The xp_SetSQLSecurity function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Data Engine 1.0 Microsoft Data Engine 2000 Microsoft SQL Server 7.0 Microsoft SQL Server 2000	4

References

http://marc.info/?l=bugtraq&m=97570884410184&w=2
http://www.securityfocus.com/bid/2043
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-092