Signature Detail

DB: Microsoft SQL Server INSERT Statement Buffer Overflow

This signature detects attempts to exploit a known vulnerability in the Microsoft SQL Server INSERT Statement. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.

Extended Description

Microsoft SQL Server is prone to a remote memory-corruption vulnerability because it fails to perform adequate boundary checks on user-supplied input. Authenticated attackers can exploit this issue to execute arbitrary code and completely compromise affected computers. Failed attacks will likely cause denial-of-service conditions.

Affected Products

• Microsoft sql_server_2005 SP1
• Microsoft sql_server_2005 SP2
• Microsoft sql_server_2005_express_edition SP1
• Microsoft sql_server_2005_express_edition SP2
• Microsoft sql_server_2005_express_edition_with_advanced_serv SP1
• Microsoft sql_server_2005_express_edition_with_advanced_serv SP2
• Microsoft sql_server_2005_itanium_edition SP1
• Microsoft sql_server_2005_itanium_edition SP2
• Microsoft sql_server_2005_x64_edition SP1
• Microsoft sql_server_2005_x64_edition SP2
• Vmware vcenter 4.0
• Vmware vcenter 4.1
• Vmware vcenter_update_manager 1.0
• Vmware vcenter_update_manager 4.0
• Vmware vcenter_update_manager 4.1
• Vmware virtualcenter 2.5
• Vmware virtualcenter 2.5 Update 1
• Vmware virtualcenter 2.5 Update 2
• Vmware virtualcenter 2.5.Update 3 Build 11983
• Vmware virtualcenter 2.5 Update 4
• Vmware virtualcenter 2.5 Update 5
• Vmware virtualcenter 2.5 Update 6

References

• BugTraq: 30118
• CVE: CVE-2008-0106