Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2000-1209

Published: 12/08/2002 Updated: 07/11/2023
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Compaq

Vulnerability Summary

The "sa" account is installed with a default null password on (1) Microsoft SQL Server 2000, (2) SQL Server 7.0, and (3) Data Engine (MSDE) 1.0, including third party packages that use these products such as (4) Tumbleweed Secure Mail (MMS) (5) Compaq Insight Manager, and (6) Visio 2000, which allows remote malicious users to gain privileges, as exploited by worms such as Voyager Alpha Force and Spida.

Vulnerable Product Search on Vulmon Subscribe to Product

compaq insight manager xe 2.1b

microsoft data engine 1.0

compaq insight manager xe 1.1

compaq insight manager xe 1.21

compaq insight manager xe 2.1

compaq insight manager 7.0

compaq insight manager xe 2.1c

microsoft msde 2000

compaq insight manager xe 2.2

Exploits

Exploit DB: Microsoft SQL Server - Payload Execution (via SQL Injection) (Metasploit)
## # $Id: mssql_payload_sqlirb 11730 2011-02-08 23:31:44Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' cl ...
Exploit DB: Microsoft SQL Server - Payload Execution (Metasploit)
## # $Id: mssql_payloadrb 11392 2010-12-21 20:36:34Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class M ...

References

NVD-CWE-Otherhttp://www.kb.cert.org/vuls/id/635463http://www.iss.net/security_center/static/1459.phphttp://security-archive.merton.ox.ac.uk/bugtraq-200008/0233.htmlhttp://www.microsoft.com/security/security_bulletins/ms02020_sql.asphttp://www.securityfocus.com/bid/4797http://online.securityfocus.com/archive/1/273639http://www.osvdb.org/3570http://marc.info/?l=bugtraq&m=96593218804850&w=2http://marc.info/?l=bugtraq&m=96644570412692&w=2http://marc.info/?l=bugtraq&m=96333895000350&w=2http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ313418http://support.microsoft.com/default.aspx?scid=kb%3BEN-US%3Bq321081https://nvd.nist.govhttps://www.exploit-db.com/exploits/16394/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook