This site is deprecated. Please
CLICK HERE for latest updates
Short Name |
DB:MS-SQL:REPLWRITETIVARBIN-DB
|
Severity |
Major
|
Recommended |
No
|
Recommended Action |
Drop
|
Category |
DB
|
Keywords |
MSSQL Replwritetovarbin Query
|
Release Date |
2008/12/23
|
Update Number |
1336
|
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
|
DB: MSSQL Replwritetovarbin Query
This signature detects attempts to exploit a known vulnerability against Microsoft MS-SQL server. A successful attack can lead to arbitrary code execution.
Extended Description
Microsoft SQL Server is prone to a remote memory-corruption vulnerability because it fails to properly handle user-supplied input.
Authenticated attackers can exploit this issue to execute arbitrary code and completely compromise affected computers. Failed attacks will likely cause denial-of-service conditions.
The issue affects the following:
Microsoft SQL Server 2000
Microsoft SQL Server 2005
Affected Products
- Microsoft sql_server_2000 8.00.194
- Microsoft sql_server_2000 SP1
- Microsoft sql_server_2000 SP2
- Microsoft sql_server_2000 SP3
- Microsoft sql_server_2000 Sp3a
- Microsoft sql_server_2000 SP4
- Microsoft sql_server_2000
- Microsoft sql_server_2000_desktop_engine SP1
- Microsoft sql_server_2000_desktop_engine SP2
- Microsoft sql_server_2000_desktop_engine SP3
- Microsoft sql_server_2000_desktop_engine SP4
- Microsoft sql_server_2000_desktop_engine
- Microsoft sql_server_2000_desktop_engine
- Microsoft sql_server_2000_itanium_edition SP1
- Microsoft sql_server_2000_itanium_edition SP2
- Microsoft sql_server_2000_itanium_edition SP3
- Microsoft sql_server_2000_itanium_edition SP4
- Microsoft sql_server_2000_itanium_edition
- Microsoft sql_server_2005 SP1
- Microsoft sql_server_2005 SP2
- Microsoft sql_server_2005 Yukon
- Microsoft sql_server_2005
- Microsoft sql_server_2005_backward_compatibility 8.05.1054
- Microsoft sql_server_2005_books_online 9.00.1399.06
- Microsoft sql_server_2005_express_edition SP1
- Microsoft sql_server_2005_express_edition SP2
- Microsoft sql_server_2005_express_edition
- Microsoft sql_server_2005_express_edition_with_advanced_serv SP1
- Microsoft sql_server_2005_express_edition_with_advanced_serv SP2
- Microsoft sql_server_2005_integration_services 9.1.2047.00
- Microsoft sql_server_2005_itanium_edition SP1
- Microsoft sql_server_2005_itanium_edition SP2
- Microsoft sql_server_2005_itanium_edition
- Microsoft sql_server_2005_reporting_services 9.00.1399.06
- Microsoft sql_server_2005_tools 9.00.1399.06
- Microsoft sql_server_2005_upgrade_advisor 9.00.2407.00
- Microsoft sql_server_2005_x64_edition SP1
- Microsoft sql_server_2005_x64_edition SP2
- Microsoft windows_2000_advanced_server SP4
- Microsoft windows_2000_datacenter_server SP4
- Microsoft windows_2000_professional SP4
- Microsoft windows_2000_server SP4
- Microsoft windows_internal_database_(wyukon) SP1
- Microsoft windows_internal_database_(wyukon) SP2
- Microsoft windows_internal_database_(wyukon)
- Microsoft windows_internal_database_(wyukon)_x64 SP1
- Microsoft windows_internal_database_(wyukon)_x64 SP2
- Microsoft windows_internal_database_(wyukon)_x64
- Vmware vcenter 4.0
- Vmware vcenter 4.1
- Vmware vcenter_update_manager 1.0
- Vmware vcenter_update_manager 4.0
- Vmware vcenter_update_manager 4.1
- Vmware virtualcenter 2.5
- Vmware virtualcenter 2.5 Update 1
- Vmware virtualcenter 2.5 Update 2
- Vmware virtualcenter 2.5.Update 3 Build 11983
- Vmware virtualcenter 2.5 Update 4
- Vmware virtualcenter 2.5 Update 5
- Vmware virtualcenter 2.5 Update 6
References