Gupta SQLBase EXECUTE Command Remote Overflow

This script is Copyright (C) 2003-2015 Tenable Network Security, Inc.


Synopsis :

The remote SQL server is affected by a buffer overflow vulnerability.

Description :

The remote host is running a version of the Gupta SQLBase server which
is older than or equal to 8.1.0.

An error in the 'Execute' command makes it possible to trigger a
buffer overflow by supplying more than 700 characters as the
parameter. A remote, authenticated attacker, exploiting this flaw, can
crash the affected service or potentially execute arbitrary code with
SYSTEM privileges.

Solution :

There is no known solution at this time.

Risk factor :

High / CVSS Base Score : 8.5
(CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C)
CVSS Temporal Score : 7.2
(CVSS2#E:U/RL:U/RC:ND)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 11363 (gupta_sqlbase_overflows.nasl)

Bugtraq ID: 6808

CVE ID: CVE-2003-1393

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now