Vulnerabilities > CVE-2002-1123 - Remote Buffer Overflow vulnerability in Microsoft Data Engine and SQL Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Buffer overflow in the authentication function for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows remote attackers to execute arbitrary code via a long request to TCP port 1433, aka the "Hello" overflow.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 4 |
Exploit-Db
description Microsoft SQL Server 2000 User Authentication Remote Buffer Overflow Vulnerability. CVE-2002-1123. Remote exploit for windows platform id EDB-ID:21693 last seen 2016-02-02 modified 2002-08-06 published 2002-08-06 reporter Dave Aitel source https://www.exploit-db.com/download/21693/ title Microsoft SQL Server 2000 User Authentication Remote Buffer Overflow Vulnerability description Microsoft SQL Server Hello Overflow. CVE-2002-1123. Remote exploit for windows platform id EDB-ID:16398 last seen 2016-02-01 modified 2010-04-30 published 2010-04-30 reporter metasploit source https://www.exploit-db.com/download/16398/ title Microsoft SQL Server Hello Overflow
Metasploit
description | By sending malformed data to TCP port 1433, an unauthenticated remote attacker could overflow a buffer and possibly execute code on the server with SYSTEM level privileges. This module should work against any vulnerable SQL Server 2000 or MSDE install (< SP3). |
id | MSF:EXPLOIT/WINDOWS/MSSQL/MS02_056_HELLO |
last seen | 2020-05-22 |
modified | 2017-07-24 |
published | 2006-01-16 |
references | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1123 |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/mssql/ms02_056_hello.rb |
title | MS02-056 Microsoft SQL Server Hello Overflow |
Nessus
NASL family | Databases |
NASL id | MSSQL_HELLO_OVERFLOW.NASL |
description | The remote Microsoft SQL server is vulnerable to the Hello overflow. An attacker may use this flaw to execute commands against the remote host as LOCAL/SYSTEM, as well as read your database content. *** This alert might be a false positive. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 11067 |
published | 2002-08-07 |
reporter | This script is Copyright (C) 2002-2018 Dave Aitel |
source | https://www.tenable.com/plugins/nessus/11067 |
title | Microsoft SQL Server Authentication Function Remote Overflow |
code |
|
Packetstorm
data source | https://packetstormsecurity.com/files/download/83182/ms02_056_hello.rb.txt |
id | PACKETSTORM:83182 |
last seen | 2016-12-05 |
published | 2009-11-26 |
reporter | MC |
source | https://packetstormsecurity.com/files/83182/Microsoft-SQL-Server-Hello-Overflow.html |
title | Microsoft SQL Server Hello Overflow |
Saint
bid | 5411 |
description | Microsoft SQL Server Hello buffer overflow |
id | database_mssql_mssql |
osvdb | 10132 |
title | ms_sql_server_hello |
type | remote |
References
- http://marc.info/?l=bugtraq&m=102873609025020&w=2
- http://online.securityfocus.com/archive/1/286220
- http://www.ciac.org/ciac/bulletins/n-003.shtml
- http://www.iss.net/security_center/static/9788.php
- http://www.securityfocus.com/bid/5411
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-056