Published: 24/09/2002 Updated: 12/10/2018

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 760

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Buffer overflow in the authentication function for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows remote malicious users to execute arbitrary code via a long request to TCP port 1433, aka the "Hello" overflow.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft sql server 2000
microsoft data engine 2000

## # $Id: ms02_056_hellorb 9179 2010-04-30 08:40:19Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class M ...

source: wwwsecurityfocuscom/bid/5411/info A vulnerability has been discovered in Microsoft SQL Server that could make it possible for remote attackers to gain access to target hosts It is possible for an attacker to cause a buffer overflow condition on the vulnerable SQL server with a malformed login request This may allow a remote att ...

NVD-CWE-Other http://www.iss.net/security_center/static/9788.php http://online.securityfocus.com/archive/1/286220 http://www.ciac.org/ciac/bulletins/n-003.shtml http://www.securityfocus.com/bid/5411 http://marc.info/?l=bugtraq&m=102873609025020&w=2 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-056 https://nvd.nist.gov https://www.exploit-db.com/exploits/16398/

CVE-2002-1123

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect