Microsoft SQL Server 2000 Multiple Vulnerabilities
BID:13564
Info
Microsoft SQL Server 2000 Multiple Vulnerabilities
| Bugtraq ID: | 13564 |
| Class: | Unknown |
| CVE: | |
| Remote: | Yes |
| Local: | Unknown |
| Published: | May 09 2005 12:00AM |
| Updated: | May 09 2005 12:00AM |
| Credit: | Microsoft reported these issues. |
| Vulnerable: |
Microsoft SQL Server 2000 SP3a Microsoft SQL Server 2000 SP3 Microsoft SQL Server 2000 SP2 Microsoft SQL Server 2000 SP1 Microsoft SQL Server 2000 |
| Not Vulnerable: |
Microsoft SQL Server 2000 Client 8.0 SP3 |
Discussion
Microsoft SQL Server 2000 Multiple Vulnerabilities
Microsoft has released Microsoft SQL Server 2000 Service Pack 4. This release addresses various potential security vulnerabilities. If exploited, these issues may allow remote attackers to cause denial of service conditions, bypass database policy, disclose sensitive information, and potentially execute arbitrary code.
Microsoft has released Microsoft SQL Server 2000 Service Pack 4. This release addresses various potential security vulnerabilities. If exploited, these issues may allow remote attackers to cause denial of service conditions, bypass database policy, disclose sensitive information, and potentially execute arbitrary code.
Exploit / POC
Microsoft SQL Server 2000 Multiple Vulnerabilities
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
Microsoft SQL Server 2000 Multiple Vulnerabilities
Solution:
Microsoft has released KB Articles 888799 and 888800 with fix information to address these issues. These issues have been addressed in SQL Server 2000 Service Pack 4 and SQL Server 2000 Analysis Services Service Pack 4 for supported platforms.
Microsoft SQL Server 2000
Microsoft SQL Server 2000 SP3
Microsoft SQL Server 2000 SP1
Microsoft SQL Server 2000 SP3a
Microsoft SQL Server 2000 SP2
Solution:
Microsoft has released KB Articles 888799 and 888800 with fix information to address these issues. These issues have been addressed in SQL Server 2000 Service Pack 4 and SQL Server 2000 Analysis Services Service Pack 4 for supported platforms.
Microsoft SQL Server 2000
-
Microsoft Microsoft SQL Server 2000 Service Pack 4
http://www.microsoft.com/downloads/details.aspx?familyid=8E2DFC8D-C20E -4446-99A9-B7F0213F8BC5&displaylang=en
Microsoft SQL Server 2000 SP3
-
Microsoft Microsoft SQL Server 2000 Service Pack 4
http://www.microsoft.com/downloads/details.aspx?familyid=8E2DFC8D-C20E -4446-99A9-B7F0213F8BC5&displaylang=en
Microsoft SQL Server 2000 SP1
-
Microsoft Microsoft SQL Server 2000 Service Pack 4
http://www.microsoft.com/downloads/details.aspx?familyid=8E2DFC8D-C20E -4446-99A9-B7F0213F8BC5&displaylang=en
Microsoft SQL Server 2000 SP3a
-
Microsoft Microsoft SQL Server 2000 Service Pack 4
http://www.microsoft.com/downloads/details.aspx?familyid=8E2DFC8D-C20E -4446-99A9-B7F0213F8BC5&displaylang=en
Microsoft SQL Server 2000 SP2
-
Microsoft Microsoft SQL Server 2000 Service Pack 4
http://www.microsoft.com/downloads/details.aspx?familyid=8E2DFC8D-C20E -4446-99A9-B7F0213F8BC5&displaylang=en
References
Microsoft SQL Server 2000 Multiple Vulnerabilities
References:
References:
- How to obtain the latest SQL Server 2000 service pack (Microsoft)
- Knowledge Base Article - 888799 (Microsoft)
- Knowledge Base Article - 888800 (Microsoft)