Summary
Detail | | | |
---|---|---|---|
Vendor | Microsoft | First view | 1998-06-29 |
Product | Sql Server | Last view | 2024-01-09 |
Version | 2000 | Type | |
Update | sp4 | | |
Edition | analysis_services | | |
Language | | | |
Software Edition | | | |
Target Software | | | |
Target Hardware | | | |
Other | | | |
Related : CVE
Score | Date | Alert | Description |
---|---|---|---|
8.7 | 2024-01-09 | CVE-2024-0056 | Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability |
7.8 | 2023-10-10 | CVE-2023-36785 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
7.8 | 2023-10-10 | CVE-2023-36730 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
5.5 | 2023-10-10 | CVE-2023-36728 | Microsoft SQL Server Denial of Service Vulnerability |
7.8 | 2023-10-10 | CVE-2023-36420 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
7.8 | 2023-10-10 | CVE-2023-36417 | Microsoft SQL OLE DB Remote Code Execution Vulnerability |
8.8 | 2023-08-08 | CVE-2023-38169 | Microsoft SQL OLE DB Remote Code Execution Vulnerability |
7.8 | 2023-06-16 | CVE-2023-32028 | Microsoft SQL OLE DB Remote Code Execution Vulnerability |
7.8 | 2023-06-16 | CVE-2023-32027 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
7.8 | 2023-06-16 | CVE-2023-32026 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
7.8 | 2023-06-16 | CVE-2023-32025 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
7.8 | 2023-06-16 | CVE-2023-29356 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
7.8 | 2023-06-16 | CVE-2023-29349 | Microsoft ODBC and OLE DB Remote Code Execution Vulnerability |
7.3 | 2023-04-11 | CVE-2023-23384 | Microsoft SQL Server Remote Code Execution Vulnerability |
7.8 | 2023-02-14 | CVE-2023-21718 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
8.8 | 2023-02-14 | CVE-2023-21713 | Microsoft SQL Server Remote Code Execution Vulnerability |
8.8 | 2023-02-14 | CVE-2023-21705 | Microsoft SQL Server Remote Code Execution Vulnerability |
7.8 | 2023-02-14 | CVE-2023-21704 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
7.8 | 2023-02-14 | CVE-2023-21528 | Microsoft SQL Server Remote Code Execution Vulnerability |
7.5 | 2022-06-15 | CVE-2022-29143 | Microsoft SQL Server Remote Code Execution Vulnerability |
7.8 | 2022-02-09 | CVE-2022-23276 | SQL Server for Linux Containers Elevation of Privilege Vulnerability |
8.8 | 2021-01-12 | CVE-2021-1636 | Microsoft SQL Elevation of Privilege Vulnerability |
8.8 | 2020-02-11 | CVE-2020-0618 | A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability'. |
8.8 | 2019-07-15 | CVE-2019-1068 | A remote code execution vulnerability exists in Microsoft SQL Server when it incorrectly handles processing of internal functions, aka 'Microsoft SQL Server Remote Code Execution Vulnerability'. |
6.5 | 2019-05-16 | CVE-2019-0819 | An information disclosure vulnerability exists in Microsoft SQL Server Analysis Services when it improperly enforces metadata permissions, aka 'Microsoft SQL Server Analysis Services Information Disclosure Vulnerability'. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
23% (10) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
13% (6) | CWE-189 | Numeric Errors |
11% (5) | CWE-264 | Permissions, Privileges, and Access Controls |
9% (4) | CWE-200 | Information Exposure |
9% (4) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
9% (4) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
4% (2) | CWE-399 | Resource Management Errors |
4% (2) | CWE-284 | Access Control (Authorization) Issues |
4% (2) | CWE-20 | Improper Input Validation |
2% (1) | CWE-502 | Deserialization of Untrusted Data |
2% (1) | CWE-326 | Inadequate Encryption Strength |
2% (1) | CWE-89 | Improper Sanitization of Special Elements used in an SQL Command ('... |
2% (1) | CWE-74 | Failure to Sanitize Data into a Different Plane ('Injection') |
CAPEC : Common Attack Pattern Enumeration & Classification
id | Name |
---|---|
CAPEC-20 | Encryption Brute Forcing |
CAPEC-58 | Restful Privilege Elevation |
CAPEC-112 | Brute Force |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:231 | SQL Server Extended Stored Procedure Parameter Parsing |
oval:org.mitre.oval:def:71 | Privilege Escalation Using Cached Admin Connection |
oval:org.mitre.oval:def:82 | Microsoft RPC Denial of Service |
oval:org.mitre.oval:def:83 | Microsoft SQL Server 3-Function Buffer Overflow |
oval:org.mitre.oval:def:253 | SQL Server Format String Vulnerability |
oval:org.mitre.oval:def:271 | SQL Server OpenDataSource/OpenRowset Buffer Overflow |
oval:org.mitre.oval:def:121 | Microsoft SQL Server Extended Stored Procedure Buffer Overflow |
oval:org.mitre.oval:def:489 | Unchecked Buffer in SQLXML ISAPI Extension for Microsoft Data Access Componen... |
oval:org.mitre.oval:def:484 | Unchecked Buffer in SQLXML ISAPI Extension for Microsoft Data Access Componen... |
oval:org.mitre.oval:def:291 | Unchecked Buffer in Password Encryption Procedure |
oval:org.mitre.oval:def:316 | MS SQL Server Bulk Insert Procedure Buffer Overflow |
oval:org.mitre.oval:def:1025 | Incorrect Permission on SQL Server Service Account Registry Key |
oval:org.mitre.oval:def:1077 | MS SQL Server 2000 Resolution Service Buffer Overflow |
oval:org.mitre.oval:def:235 | SQL Server Named Pipe Hijacking |
oval:org.mitre.oval:def:299 | SQL Server Named Pipe Denial of Service |
oval:org.mitre.oval:def:303 | SQL Server LPC Port Buffer Overflow |
oval:org.mitre.oval:def:14213 | Memory Page Reuse Vulnerability in SQL Server |
oval:org.mitre.oval:def:14052 | Convert Buffer Overrun Vulnerability in SQL Server |
oval:org.mitre.oval:def:13785 | Buffer Overrun Vulnerability in SQL Server |
oval:org.mitre.oval:def:13936 | Memory Corruption Vulnerability in SQL Server |
oval:org.mitre.oval:def:6055 | GDI+ VML Buffer Overrun Vulnerability |
oval:org.mitre.oval:def:6040 | GDI+ EMF Memory Corruption Vulnerability |
oval:org.mitre.oval:def:5986 | GDI+ GIF Parsing Vulnerability |
oval:org.mitre.oval:def:6004 | GDI+ WMF Buffer Overrun Vulnerability |
oval:org.mitre.oval:def:5881 | GDI+ BMP Integer Overflow Vulnerability |
SAINT Exploits
Description |
---|
Microsoft Windows Common Controls MSCOMCTL.OCX Vulnerability |
Microsoft SQL Server Reporting Services 2016 ViewState deserialization vulnerability |
Microsoft SQL Server Distributed Management Objects buffer overflow |
Microsoft SQL Server Hello buffer overflow |
Microsoft SQL Server spreplwritetovarbin Buffer Overflow |
Microsoft SQL Server 2000 resolution service buffer overflow |
Microsoft Office Art Property Table Memory Corruption |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
72934 | Microsoft XML Editor External Entities Resolution Unspecified Information Dis... |
60004 | Microsoft SQL Server Multiple Stored Procedure Unprivileged Configuration Man... |
59636 | Microsoft SQL Server SQL Authentication Password Encryption Weakness |
58869 | Microsoft Office Malformed Object Handling Memory Corruption Arbitrary Code E... |
58868 | Microsoft Multiple Products GDI+ PNG Image Handling Integer Overflow |
58867 | Microsoft Multiple Products GDI+ .NET API Code Execution Privilege Escalation |
58866 | Microsoft Multiple Products GDI+ TIFF Image Handling Memory Corruption Arbitr... |
58865 | Microsoft Multiple Products GDI+ TIFF Image Handling Overflow |
58864 | Microsoft Multiple Products GDI+ PNG Image Handling Heap Overflow |
58863 | Microsoft Multiple Products GDI+ WMF Image Handling Overflow |
50589 | Microsoft SQL Server 2000 sp_replwritetovarbin() Stored Procedure Overflow |
48220 | Microsoft SQL Server SQLVDIRLib.SQLVDirControl ActiveX (Tools\Binn\sqlvdir.dl... |
47969 | Microsoft Multiple Products GDI+ BMP Integer Calculation Overflow |
47968 | Microsoft Multiple Products GDI+ WMF Image Handling Overflow |
47967 | Microsoft Multiple Products GDI+ GIF Image Handling Arbitrary Code Execution |
47966 | Microsoft Multiple Products GDI+ EMF File Handling Memory Corruption |
47965 | Microsoft Multiple Products GDI+ VML Gradient Size Handling Overflow |
46773 | Microsoft SQL Server Memory Page Reuse Information Disclosure |
46772 | Microsoft SQL Server Convert Function Overflow |
46771 | Microsoft SQL Server Stored Backup File Processing Memory Corruption Arbitrar... |
46770 | Microsoft SQL Server Crafted Insert Statement Overflow |
38399 | Microsoft SQL Server Enterprise Manager Distributed Management Objects OLE DL... |
13434 | Microsoft Windows Distributed Transaction Coordinator (DTC) Malformed Input DoS |
10379 | Microsoft SQL Server Large Query DoS |
10183 | Microsoft SQL Server xp_sprintf Function DoS |
ExploitDB Exploits
id | Description |
---|---|
21693 | Microsoft SQL Server 2000 User Authentication Remote Buffer Overflow Vulnerab... |
OpenVAS Exploits
Date | Description |
---|---|
2012-10-10 | Name : Microsoft SQL Server Report Manager Cross Site Scripting Vulnerability (2754849) File : nvt/secpod_ms12-070.nasl |
2012-08-15 | Name : Microsoft Windows Common Controls Remote Code Execution Vulnerability (2720573) File : nvt/secpod_ms12-060.nasl |
2012-04-11 | Name : Microsoft Windows Common Controls Remote Code Execution Vulnerability (2664258) File : nvt/secpod_ms12-027.nasl |
2012-03-16 | Name : VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCe... File : nvt/gb_VMSA-2011-0003.nasl |
2011-06-21 | Name : Microsoft XML Editor Information Disclosure Vulnerability (2543893) File : nvt/secpod_ms11-049.nasl |
2011-01-18 | Name : Microsoft Products GDI Plus Remote Code Execution Vulnerabilities (954593) File : nvt/gb_ms08-052.nasl |
2009-10-21 | Name : Microsoft Products GDI Plus Code Execution Vulnerabilities (957488) File : nvt/secpod_ms09-062.nasl |
2008-12-16 | Name : Microsoft SQL Server sp_replwritetovarbin() BOF Vulnerability File : nvt/gb_mssql_sp_replwritetovarbin_bof_vuln.nasl |
2008-12-02 | Name : Microsoft SQL Server 2000 sqlvdir.dll ActiveX Buffer Overflow Vulnerability File : nvt/secpod_ms_sql_server_2000_activex_bof_vuln_900125.nasl |
2008-10-14 | Name : MS SQL Server Elevation of Privilege Vulnerabilities (941203) File : nvt/gb_ms08-040.nasl |
2006-03-26 | Name : Microsoft's SQL Version Query File : nvt/mssql_version.nasl |
2005-11-03 | Name : MSDTC denial of service by flooding with nul bytes File : nvt/msdtc_dos.nasl |
2005-11-03 | Name : Microsoft's SQL Hello Overflow File : nvt/mssql_hello_overflow.nasl |
2005-11-03 | Name : SMB Registry : SQL7 Patches File : nvt/smb_mssql7.nasl |
2005-11-03 | Name : XML Core Services patch (Q318203) File : nvt/smb_nt_ms02-008.nasl |
2005-11-03 | Name : Cumulative Patch for Internet Information Services (Q327696) File : nvt/smb_nt_ms02-018.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2015-A-0171 | Multiple Vulnerabilities in Microsoft SQL Server (MS15-058) Severity: Category II - VMSKEY: V0061125 |
2014-A-0126 | Multiple Vulnerabilities in Microsoft SQL Server Severity: Category II - VMSKEY: V0053801 |
2012-A-0160 | Microsoft SQL Server Cross-Site Scripting Vulnerability Severity: Category II - VMSKEY: V0034177 |
2012-A-0132 | Microsoft Windows Common Controls Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0033659 |
2012-A-0059 | Microsoft Windows Common Controls Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0031982 |
2011-B-0064 | Microsoft XML Editor Information Disclosure Vulnerability Severity: Category II - VMSKEY: V0028601 |
2011-A-0066 | Multiple Vulnerabilities in VMware Products Severity: Category I - VMSKEY: V0027158 |
2009-A-0099 | Multiple Vulnerabilities in Microsoft GDI+ Severity: Category I - VMSKEY: V0021759 |
2009-A-0012 | Microsoft SQL Server Remote Code Execution Vulnerability Severity: Category I - VMSKEY: V0018387 |
2008-T-0053 | WinZip gdiplus.dll Microsoft Module Unspecified Security Vulnerability Severity: Category II - VMSKEY: V0017532 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | xp_updatecolvbm vulnerable function attempt RuleID : 8540 - Type : SERVER-MSSQL - Revision : 8 |
2014-01-10 | xp_updatecolvbm unicode vulnerable function attempt RuleID : 8539 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_updatecolvbm unicode vulnerable function attempt RuleID : 8538 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_showcolv vulnerable function attempt RuleID : 8531 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_showcolv unicode vulnerable function attempt RuleID : 8530 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_showcolv unicode vulnerable function attempt RuleID : 8529 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_SetSQLSecurity vulnerable function attempt RuleID : 8528 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_SetSQLSecurity unicode vulnerable function attempt RuleID : 8527 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_SetSQLSecurity unicode vulnerable function attempt RuleID : 8526 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_proxiedmetadata vulnerable function attempt RuleID : 8525 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_proxiedmetadata unicode vulnerable function attempt RuleID : 8524 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_proxiedmetadata unicode vulnerable function attempt RuleID : 8523 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_printstatements vulnerable function attempt RuleID : 8522 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_printstatements unicode vulnerable function attempt RuleID : 8521 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_printstatements unicode vulnerable function attempt RuleID : 8520 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_peekqueue vulnerable function attempt RuleID : 8519 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_peekqueue unicode vulnerable function attempt RuleID : 8518 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_peekqueue unicode vulnerable function attempt RuleID : 8517 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | xp_enumresultset vulnerable function attempt RuleID : 8504 - Type : SERVER-MSSQL - Revision : 8 |
2014-01-10 | xp_enumresultset unicode vulnerable function attempt RuleID : 8503 - Type : SERVER-MSSQL - Revision : 8 |
2014-01-10 | xp_enumresultset unicode vulnerable function attempt RuleID : 8502 - Type : SERVER-MSSQL - Revision : 8 |
2014-01-10 | xp_displayparamstmt vulnerable function attempt RuleID : 8501 - Type : SERVER-MSSQL - Revision : 8 |
2014-01-10 | xp_displayparamstmt unicode vulnerable function attempt RuleID : 8500 - Type : SERVER-MSSQL - Revision : 8 |
2014-01-10 | xp_displayparamstmt unicode vulnerable function attempt RuleID : 8499 - Type : SERVER-MSSQL - Revision : 10 |
2014-01-10 | formatmessage possible buffer overflow RuleID : 8495 - Type : SQL - Revision : 6 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-08-08 | Name: The remote SQL server is affected by an information disclosure vulnerability. File: smb_nt_ms17_aug_mssql.nasl - Type: ACT_GATHER_INFO |
2016-11-08 | Name: The remote SQL server is affected by multiple vulnerabilities. File: smb_nt_ms16-136.nasl - Type: ACT_GATHER_INFO |
2016-03-04 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_VMSA-2011-0003_remote.nasl - Type: ACT_GATHER_INFO |
2015-07-14 | Name: The remote SQL Server installation is affected by multiple vulnerabilities. File: smb_nt_ms15-058.nasl - Type: ACT_GATHER_INFO |
2015-07-14 | Name: The remote SQL Server installation is affected by multiple vulnerabilities. File: smb_kb3065718.nasl - Type: ACT_GATHER_INFO |
2014-08-12 | Name: A cross-site scripting vulnerability in SQL Server could allow an elevation o... File: smb_kb2984340.nasl - Type: ACT_GATHER_INFO |
2014-08-12 | Name: A cross-site scripting vulnerability in SQL Server could allow an elevation o... File: smb_nt_ms14-044.nasl - Type: ACT_GATHER_INFO |
2014-03-10 | Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r... File: smb_kb957488.nasl - Type: ACT_GATHER_INFO |
2014-03-10 | Name: An application on the remote Windows host has an information disclosure vulne... File: smb_kb2543893.nasl - Type: ACT_GATHER_INFO |
2012-10-10 | Name: A cross-site scripting vulnerability in SQL Server could allow elevation of p... File: smb_kb2754849.nasl - Type: ACT_GATHER_INFO |
2012-10-10 | Name: A cross-site scripting vulnerability in SQL Server could allow elevation of p... File: smb_nt_ms12-070.nasl - Type: ACT_GATHER_INFO |
2012-08-15 | Name: The remote Windows host has a code execution vulnerability. File: smb_nt_ms12-060.nasl - Type: ACT_GATHER_INFO |
2012-04-11 | Name: The remote Windows host is affected by a remote code execution vulnerability. File: smb_nt_ms12-027.nasl - Type: ACT_GATHER_INFO |
2011-06-15 | Name: An application on the remote Windows host has an information disclosure vulne... File: smb_nt_ms11-049.nasl - Type: ACT_GATHER_INFO |
2011-02-14 | Name: The remote VMware ESXi / ESX host is missing one or more security-related pat... File: vmware_VMSA-2011-0003.nasl - Type: ACT_GATHER_INFO |
2009-10-15 | Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r... File: smb_nt_ms09-062.nasl - Type: ACT_GATHER_INFO |
2009-02-11 | Name: A database application installed on the remote host is affected by a remote c... File: smb_kb959420.nasl - Type: ACT_GATHER_INFO |
2009-02-11 | Name: Arbitrary code can be executed on the remote host through Microsoft SQL Server. File: smb_nt_ms09-004.nasl - Type: ACT_GATHER_INFO |
2008-09-29 | Name: The remote SQL server is affected by multiple vulnerabilities. File: smb_kb941203.nasl - Type: ACT_GATHER_INFO |
2008-09-10 | Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r... File: smb_nt_ms08-052.nasl - Type: ACT_GATHER_INFO |
2008-07-08 | Name: The remote Microsoft SQL Server install is vulnerable to memory corruption fl... File: smb_nt_ms08-040.nasl - Type: ACT_GATHER_INFO |
2003-10-08 | Name: The remote SQL Server is affected by a local privilege escalation vulnerability. File: mssql_lte_7.nasl - Type: ACT_GATHER_INFO |
2003-07-24 | Name: Arbitrary code can be executed on the remote host through the SQL service. File: smb_nt_ms03-031.nasl - Type: ACT_GATHER_INFO |
2003-03-09 | Name: The remote SQL server is vulnerable to an information disclosure attack. File: smb_nt_ms00-035.nasl - Type: ACT_GATHER_INFO |
2003-03-06 | Name: It may be possible to get the remote SQL Server's administrator password. File: smb_nt_ms02-035.nasl - Type: ACT_GATHER_INFO |