QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2002-0649

Back to search

CVE-2002-0649

Published: Jul 26, 2002

Modified: Aug 8, 2024

PUBLISHED

Description

Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 (MSDE) allow remote attackers to cause a denial of service or execute arbitrary code via UDP packets to port 1434 in which (1) a 0x04 byte that causes the SQL Monitor thread to generate a long registry key name, or (2) a 0x08 byte with a long string causes heap corruption, as exploited by the Slammer/Sapphire worm.

VendorProductVersions

n/a

n/a

affected
n/a

References

20030125 Sapphire SQL Worm Analysis Complete
mailing-list
x_refsource_BUGTRAQ
oval:org.mitre.oval:def:1077
vdb-entry
signature
x_refsource_OVAL
CA-2002-22
third-party-advisory
x_refsource_CERT
VU#484891
third-party-advisory
x_refsource_CERT-VN
VU#399260
third-party-advisory
x_refsource_CERT-VN
7945
third-party-advisory
x_refsource_SECUNIA
20030128 Re: MSDE contained in...
mailing-list
x_refsource_BUGTRAQ
20030125 SQL Sapphire Worm Analysis
mailing-list
x_refsource_BUGTRAQ
20030129 Re: MSDE contained in...
mailing-list
x_refsource_BUGTRAQ
MS02-039
vendor-advisory
x_refsource_MS
20030126 Tool: Sapphire SQL Worm Scanner
mailing-list
x_refsource_BUGTRAQ
CA-2003-04
third-party-advisory
x_refsource_CERT
5310
vdb-entry
x_refsource_BID
20030130 RE: MSDE contained in...
mailing-list
x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now