Lucene search
MitreCVE-2002-0650HistoryApr 02, 2003 - 5:00 a.m.
CVE-2002-0650
2003-04-0205:00:00
mitre
web.nvd.nist.gov
51
microsoft sql server 2000
denial of service
spoofed ip
vulnerability
cve-2002-0650
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
7.1
Confidence
High
EPSS
0.133
Percentile
95.7%
The keep-alive mechanism for Microsoft SQL Server 2000 allows remote attackers to cause a denial of service (bandwidth consumption) via a “ping” style packet to the Resolution Service (UDP port 1434) with a spoofed IP address of another SQL Server system, which causes the two servers to exchange packets in an infinite loop.
Affected configurations
Node
microsoftsql_serverMatch2000
ORmicrosoftsql_serverMatch2000sp1
ORmicrosoftsql_serverMatch2000sp2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | sql_server | 2000 | cpe:2.3:a:microsoft:sql_server:2000:*:*:*:*:*:*:* |
| microsoft | sql_server | 2000 | cpe:2.3:a:microsoft:sql_server:2000:sp1:*:*:*:*:*:* |
| microsoft | sql_server | 2000 | cpe:2.3:a:microsoft:sql_server:2000:sp2:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2002-0650
2003-04-02 05:00:00
nvd
nvd
CVE-2002-0650
2002-08-12 04:00:00
cert
cert
checkpoint_advisories
checkpoint_advisories
MS-SQL Monitor Protocol (CVE-2002-0649; CVE-2002-0650)
2005-02-01 00:00:00
nessus
nessus
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
7.1
Confidence
High
EPSS
0.133
Percentile
95.7%
Related for CVE-2002-0650