The keep-alive mechanism for Microsoft SQL Server 2000 allows remote malicious users to cause a denial of service (bandwidth consumption) via a "ping" style packet to the Resolution Service (UDP port 1434) with a spoofed IP address of another SQL Server system, which causes the two servers to exchange packets in an infinite loop.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft sql server 2000 |