Microsoft SQL Server Authentication Function Remote Overflow

This script is Copyright (C) 2002-2014 Dave Aitel

Synopsis :

The remote database server is affected by a remote command execution

Description :

The remote Microsoft SQL server is vulnerable to the Hello overflow.

An attacker may use this flaw to execute commands against the remote
host as LOCAL/SYSTEM, as well as read your database content.

*** This alert might be a false positive.

See also :

Solution :

Apply the patch from the Microsoft Bulletin.

Risk factor :

High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.2
Public Exploit Available : true

Family: Databases

Nessus Plugin ID: 11067 ()

Bugtraq ID: 5411

CVE ID: CVE-2002-1123