VID 12022
Severity 40
Port 1434
Protocol UDP
Class DB
Detailed Description
The MS SQL Server is vulnerable to several buffer overflows in the SQL resolution service port.
The SQL 2000 server flaw was discovered in July 2002 by Next Generation Security Software Ltd. The buffer overflow exists because SQL Server improperly handles data sent to its Microsoft SQL Monitor port (1434/UDP). Attackers exploiting this vulnerability execute their code as SYSTEM, since Microsoft SQL Server 2000 runs with SYSTEM privileges.
Note that a worm dubbed the "Sapphire Worm" is exploiting this vulnerability in the wild.

* Note: A buffer overflow test may crash the MS SQL Server. If that happens, the service must be restarted to regain normal functionality.

* References:
http://www.nextgenss.com/advisories/mssql-udp.txt

* Platforms Affected:
Microsoft SQL Server 2000 pre SP3
Microsoft Desktop Engine (MSDE) 2000
Recommendation
Apply the appropriate patch for this vulnerability, as listed in Microsoft Security Bulletin MS02-061:
http://www.microsoft.com/technet/security/bulletin/ms02-061.asp

-- OR --

SQL 2000 Service Pack 3 (Cumulative Patch):
http://www.microsoft.com/sql/downloads/2000/sp3.asp

-- AND --

We recommend that people immediately firewall SQL service ports at all of their gateways. The worm uses only UDP port 1434 (SQL Monitor Port) to spread itself to a new system.
Related URL CVE-2002-0649, CVE-2002-0650 (CVE)