MS02-061: Microsoft SQL Server Multiple Vulnerabilities (uncredentialed check)

critical Nessus Plugin ID 11214

Synopsis

The remote database server is affected by multiple buffer overflows.

Description

The remote MS SQL server is affected by several overflows that could be exploited by an attacker to gain SYSTEM access on that host.

Note that a worm (sapphire) is exploiting these vulnerabilities in the wild.

Solution

Microsoft has released patches for SQL Server 7.0 and 2000 as well as Microsoft Data Engine (MSDE) 1.0 and 2000.

See Also

https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2002/ms02-061

Plugin Details

Severity: Critical

ID: 11214

File Name: mssql_litchfield_overflows.nasl

Version: 1.52

Type: remote

Family: Databases

Published: 1/25/2003

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.3

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:microsoft:sql_server, cpe:/a:microsoft:data_engine

Required KB Items: MSSQL/UDP/Ping

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 7/24/2002

Exploitable With

Metasploit (MS02-039 Microsoft SQL Server Resolution Overflow)

Reference Information

CVE: CVE-2002-0644, CVE-2002-0645, CVE-2002-0649, CVE-2002-0650, CVE-2002-0721, CVE-2002-1137, CVE-2002-1138, CVE-2002-1145

BID: 5309, 5310, 5311, 5312, 5481, 5483, 5877, 5980

CWE: 119

MSFT: MS02-061

MSKB: 316333