Vulnerabilities > CVE-2002-0624 - Unspecified vulnerability in Microsoft Msde and SQL Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Buffer overflow in the password encryption function of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows remote attackers to gain control of the database and execute arbitrary code via SQL Server Authentication, aka "Unchecked Buffer in Password Encryption Procedure."
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Exploit-Db
description | Microsoft SQL Server 2000 Password Encrypt Procedure Buffer Overflow Vulnerability. CVE-2002-0624. Local exploit for windows platform |
id | EDB-ID:21549 |
last seen | 2016-02-02 |
modified | 2002-06-14 |
published | 2002-06-14 |
reporter | Martin Rakhmanoff |
source | https://www.exploit-db.com/download/21549/ |
title | Microsoft SQL Server 2000 Password Encrypt Procedure Buffer Overflow Vulnerability |
Oval
accepted | 2014-06-23T04:07:46.400-04:00 | ||||||||||||||||||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||||||||||||||||||
contributors |
| ||||||||||||||||||||||||||||||||||||
description | Buffer overflow in the password encryption function of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows remote attackers to gain control of the database and execute arbitrary code via SQL Server Authentication, aka "Unchecked Buffer in Password Encryption Procedure." | ||||||||||||||||||||||||||||||||||||
family | windows | ||||||||||||||||||||||||||||||||||||
id | oval:org.mitre.oval:def:291 | ||||||||||||||||||||||||||||||||||||
status | accepted | ||||||||||||||||||||||||||||||||||||
submitted | 2003-10-10T12:00:00.000-04:00 | ||||||||||||||||||||||||||||||||||||
title | Unchecked Buffer in Password Encryption Procedure | ||||||||||||||||||||||||||||||||||||
version | 4 |