Windows : Microsoft's SQL Overflows

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.11214
Categoría:	Windows
Título:	Microsoft's SQL Overflows
Resumen:	NOSUMMARY
Descripción:	Description: The remote host MS SQL server is vulnerable to several overflows which could be exploited by an attacker to gain SYSTEM access on that host. Note that a worm (sapphire) is exploiting this vulnerability in the wild. Solution : http://www.microsoft.com/technet/security/bulletin/ms02-061.mspx Risk factor : High
Referencia Cruzada:	BugTraq ID: 5309 BugTraq ID: 5310 BugTraq ID: 5311 BugTraq ID: 5312 BugTraq ID: 5481 BugTraq ID: 5483 BugTraq ID: 5877 BugTraq ID: 5980 Common Vulnerability Exposure (CVE) ID: CVE-2002-1137 http://www.securityfocus.com/bid/5877 Computer Incident Advisory Center Bulletin: N-003 http://www.ciac.org/ciac/bulletins/n-003.shtml Cisco Security Advisory: 20030203 Microsoft SQL Server 2000 Vulnerabilities in Cisco Products - MS02-061 http://www.cisco.com/warp/public/707/cisco-sa-20030126-ms02-061.shtml http://www.scan-associates.net/papers/foxpro.txt Microsoft Security Bulletin: MS02-056 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-056 XForce ISS Database: mssql-dbcc-bo-variant(10255) https://exchange.xforce.ibmcloud.com/vulnerabilities/10255 Common Vulnerability Exposure (CVE) ID: CVE-2002-1138 http://www.iss.net/security_center/static/10257.php Common Vulnerability Exposure (CVE) ID: CVE-2002-0649 http://www.securityfocus.com/bid/5310 Bugtraq: 20020725 Microsoft SQL Server 2000 Unauthenticated System Compromise (#NISR25072002) (Google Search) http://marc.info/?l=bugtraq&m=102760196931518&w=2 Bugtraq: 20030125 Fw: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! (Google Search) http://www.securityfocus.com/archive/1/308321/30/26180/threaded Bugtraq: 20030125 MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! (Google Search) http://www.securityfocus.com/archive/1/308306/30/26180/threaded Bugtraq: 20030128 RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! (Google Search) http://www.securityfocus.com/archive/1/308393/30/26180/threaded Bugtraq: 20030125 Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! (Google Search) http://www.securityfocus.com/archive/1/308324/30/26180/threaded Bugtraq: 20030125 SQL Sapphire Worm Analysis (Google Search) http://www.securityfocus.com/archive/1/308388/30/26180/threaded Bugtraq: 20030125 Sapphire SQL Worm Analysis Complete (Google Search) http://www.securityfocus.com/archive/1/308418/30/26150/threaded http://www.securityfocus.com/archive/1/308396/30/26150/threaded Bugtraq: 20030126 Tool: Sapphire SQL Worm Scanner (Google Search) http://www.securityfocus.com/archive/1/308419/30/26150/threaded http://www.securityfocus.com/archive/1/308760/30/26120/threaded Bugtraq: 20030129 Re: MSDE contained in... (Google Search) http://www.securityfocus.com/archive/1/308806/30/26120/threaded http://www.securityfocus.com/archive/1/309096/30/26120/threaded Bugtraq: 20030130 RE: MSDE contained in... (Google Search) http://www.securityfocus.com/archive/1/309324/30/26120/threaded Bugtraq: 20030201 The Spread of the Sapphire/Slammer SQL Worm (Google Search) http://www.securityfocus.com/archive/1/309776/30/26090/threaded http://www.cert.org/advisories/CA-2002-22.html http://www.cert.org/advisories/CA-2003-04.html CERT/CC vulnerability note: VU#399260 http://www.kb.cert.org/vuls/id/399260 CERT/CC vulnerability note: VU#484891 http://www.kb.cert.org/vuls/id/484891 Microsoft Security Bulletin: MS02-039 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-039 http://marc.info/?l=ntbugtraq&m=102760479902411&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1077 http://secunia.com/advisories/7945 Common Vulnerability Exposure (CVE) ID: CVE-2002-0650 http://www.securityfocus.com/bid/5312 http://www.osvdb.org/878 http://www.iss.net/security_center/static/9662.php Common Vulnerability Exposure (CVE) ID: CVE-2002-1145 http://www.securityfocus.com/bid/5980 Bugtraq: 20021017 Microsoft SQL Server Webtasks privilege upgrade (#NISR17102002) (Google Search) http://marc.info/?l=bugtraq&m=103487044122900&w=2 http://www.nextgenss.com/advisories/mssql-webtasks.txt Microsoft Security Bulletin: MS02-061 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-061 http://marc.info/?l=ntbugtraq&m=103486356413404&w=2 http://www.iss.net/security_center/static/10388.php Common Vulnerability Exposure (CVE) ID: CVE-2002-0644 Microsoft Security Bulletin: MS02-038 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-038 Common Vulnerability Exposure (CVE) ID: CVE-2002-0645 Common Vulnerability Exposure (CVE) ID: CVE-2002-0721 Bugtraq: 20020816 Microsoft SQL Server Extended Stored Procdure privilege upgrade vulnerabilities (#NISR15002002A) (Google Search) http://marc.info/?l=bugtraq&m=102950473002959&w=2 CERT/CC vulnerability note: VU#399531 http://www.kb.cert.org/vuls/id/399531 CERT/CC vulnerability note: VU#818939 http://www.kb.cert.org/vuls/id/818939 CERT/CC vulnerability note: VU#939675 http://www.kb.cert.org/vuls/id/939675 http://www.ngssoftware.com/advisories/mssql-esppu.txt Microsoft Security Bulletin: MS02-043 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-043 http://archives.neohapsis.com/archives/ntbugtraq/2002-q3/0087.html http://marc.info/?l=ntbugtraq&m=102950792606475&w=2
Copyright	This script is Copyright (C) 2003 Renaud Deraison