This script is Copyright (C) 2009-2017 Tenable Network Security, Inc.
A database application installed on the remote host is affected by a
remote code execution vulnerability.
The remote Windows host is running a version of Microsoft SQL Server,
Desktop Engine, or Internal Database that is affected by a remote code
execution vulnerability in the sp_replwritetovarbin() stored procedure
due to a failure to check invalid parameters. An authenticated, remote
attacker can exploit this, via specially crafted request, to cause the
execution of arbitrary code.
See also :
Microsoft has released a set of patches for SQL Server 2000 and 2005.
Risk factor :
High / CVSS Base Score : 9.0
CVSS Temporal Score : 7.4
Public Exploit Available : true