MS08-040: Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203)

This script is Copyright (C) 2008-2017 Tenable Network Security, Inc.


Synopsis :

The remote Microsoft SQL Server install is vulnerable to memory
corruption flaws.

Description :

The remote host is running a version of Microsoft SQL Server, Desktop
Engine or Internal Database that is vulnerable to multiple memory
corruption issues.

These vulnerabilities may allow an attacker to gain elevates
privileges on the server.

See also :

https://technet.microsoft.com/library/security/ms08-040

Solution :

Microsoft has released a set of patches for SQL Server 7, 2000 and
2005.

Risk factor :

High / CVSS Base Score : 9.0
(CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS Temporal Score : 6.7
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 33444 ()

Bugtraq ID: 30082
30083
30118
30119

CVE ID: CVE-2008-0085
CVE-2008-0086
CVE-2008-0106
CVE-2008-0107

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now