Published: 12/08/2002 Updated: 19/10/2018

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 760

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 (MSDE) allow remote malicious users to cause a denial of service or execute arbitrary code via UDP packets to port 1434 in which (1) a 0x04 byte that causes the SQL Monitor thread to generate a long registry key name, or (2) a 0x08 byte with a long string causes heap corruption, as exploited by the Slammer/Sapphire worm.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft data engine 2000
microsoft sql server 2000

source: wwwsecurityfocuscom/bid/5310/info A vulnerability in Microsoft SQL Server 2000 could allow remote attackers to access target hosts A problem in the SQL Server Resolution Service allows a remote attacker to execute arbitrary code on a vulnerable host The attacker could exploit a heap-based buffer overflow in the resolution serv ...

## # $Id: ms02_039_slammerrb 9179 2010-04-30 08:40:19Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class ...

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2002-0649

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect