Lucene search
SAINT CorporationSAINT:CC9E27887D6F3587ACCEDA9AD42F9D39HistoryFeb 05, 2006 - 12:00 a.m.
Microsoft SQL Server 2000 resolution service buffer overflow
2006-02-0500:00:00
SAINT Corporation
www.saintcorporation.com
19
EPSS
0.964
Percentile
99.6%
Added: 02/05/2006
CVE: CVE-2002-0649
BID: 5310
OSVDB: 4577
Background
Microsoft SQL Server is a database server package for Windows platforms. SQL Server 2000 introduced the SQL Server Resolution Service, which runs on port 1434/UDP and identifies the port on which each SQL Server instance runs.
Problem
A buffer overflow vulnerability in the SQL Server Resolution Service in SQL Server 2000 allows remote attackers to execute arbitrary commands.
Resolution
Apply the patch referenced in Microsoft Security Bulletin 02-039.
References
<http://www.kb.cert.org/vuls/id/399260>
Platforms
Windows
Related
metasploit
metasploit
MS02-039 Microsoft SQL Server Resolution Overflow
2005-11-26 11:16:36
saint
saint
Microsoft SQL Server 2000 resolution service buffer overflow
2006-02-05 00:00:00
Microsoft SQL Server 2000 resolution service buffer overflow
2006-02-05 00:00:00
Microsoft SQL Server 2000 resolution service buffer overflow
2006-02-05 00:00:00
nvd
nvd
CVE-2002-0649
2002-08-12 04:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft SQL 2000 Slammer Worm Denial of Service (CVE-2002-0649)
2014-06-09 00:00:00
MSSQL 2000MSDE Resolution Buffer Overflow - Ver2 (CVE-2002-0649)
2014-03-31 00:00:00
MS-SQL Monitor Protocol (CVE-2002-0649; CVE-2002-0650)
2005-02-01 00:00:00
exploitdb
exploitdb
Microsoft SQL Server - Resolution Overflow (MS02-039) (Metasploit)
2010-04-30 00:00:00
Microsoft SQL Server 2000 - Resolution Service Heap Overflow
2002-07-25 00:00:00
cert
cert
packetstorm
packetstorm
Microsoft SQL Server Resolution Overflow
2009-10-30 00:00:00
cvelist
cvelist
CVE-2002-0649
2002-07-26 04:00:00
cve
cve
CVE-2002-0649
2002-08-12 04:00:00
nessus
nessus