This site is deprecated. Please
CLICK HERE for latest updates
Short Name |
DB:MS-SQL:CONVERT-OF
|
Severity |
Major
|
Recommended |
No
|
Recommended Action |
Drop
|
Category |
DB
|
Keywords |
Microsoft SQL Server Query Convert Parameter Overflow
|
Release Date |
2008/07/08
|
Update Number |
1213
|
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
|
DB: Microsoft SQL Server Query Convert Parameter Overflow
This signature detects attempts to exploit a known vulnerability in Microsoft's SQL Server. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.
Extended Description
Microsoft SQL Server is prone to a remote memory-corruption vulnerability because it fails to perform adequate boundary checks on user-supplied input.
Authenticated attackers can exploit this issue to execute arbitrary code and completely compromise affected computers. Failed attacks will likely cause denial-of-service conditions.
Affected Products
- Microsoft sql_server_2000 SP1
- Microsoft sql_server_2000 SP2
- Microsoft sql_server_2000 SP3
- Microsoft sql_server_2000 SP4
- Microsoft sql_server_2000
- Microsoft sql_server_2000_desktop_engine SP1
- Microsoft sql_server_2000_desktop_engine SP2
- Microsoft sql_server_2000_desktop_engine SP3
- Microsoft sql_server_2000_desktop_engine SP4
- Microsoft sql_server_2000_desktop_engine
- Microsoft sql_server_2000_itanium_edition SP1
- Microsoft sql_server_2000_itanium_edition SP2
- Microsoft sql_server_2000_itanium_edition SP3
- Microsoft sql_server_2000_itanium_edition SP4
- Microsoft sql_server_2000_itanium_edition
- Microsoft windows_2000_advanced_server SP4
- Microsoft windows_2000_datacenter_server SP4
- Microsoft windows_2000_professional SP4
- Microsoft windows_2000_server SP4
- Vmware vcenter 4.0
- Vmware vcenter 4.1
- Vmware vcenter_update_manager 1.0
- Vmware vcenter_update_manager 4.0
- Vmware vcenter_update_manager 4.1
- Vmware virtualcenter 2.5
- Vmware virtualcenter 2.5 Update 1
- Vmware virtualcenter 2.5 Update 2
- Vmware virtualcenter 2.5.Update 3 Build 11983
- Vmware virtualcenter 2.5 Update 4
- Vmware virtualcenter 2.5 Update 5
- Vmware virtualcenter 2.5 Update 6
References