Executive Summary

Informations
Name CVE-2000-1088 First vendor Publication 2001-01-09
Vendor Cve Last vendor Modification 2018-10-12

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 4.6 Attack Range Local
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 3.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The xp_SetSQLSecurity function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1088

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 2
Application 2

OpenVAS Exploits

Date Description
2006-03-26 Name : Microsoft's SQL Version Query
File : nvt/mssql_version.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
10154 Microsoft SQL Server xp_SetSQLSecurity Function Overflow

A remote overflow exists in SQL Server, SQL Server Desktop Engine and MSDE. The products fail to properly limit the size of allowable input in the third parameter of the xp_SetSQLSecurity() function resulting in a buffer overflow. With a specially crafted request, an attacker can cause execution of arbitrary code or a denial of service resulting in a loss of integrity and/or availability.

Snort® IPS/IDS

Date Description
2014-01-10 xp_updatecolvbm vulnerable function attempt
RuleID : 8540 - Revision : 8 - Type : SERVER-MSSQL
2014-01-10 xp_updatecolvbm unicode vulnerable function attempt
RuleID : 8539 - Revision : 10 - Type : SERVER-MSSQL
2014-01-10 xp_updatecolvbm unicode vulnerable function attempt
RuleID : 8538 - Revision : 10 - Type : SERVER-MSSQL
2014-01-10 xp_sqlinventory unicode vulnerable function attempt
RuleID : 8537 - Revision : 9 - Type : SERVER-MSSQL
2014-01-10 xp_sqlinventory vulnerable function attempt
RuleID : 8536 - Revision : 9 - Type : SERVER-MSSQL
2014-01-10 xp_sqlinventory unicode vulnerable function attempt
RuleID : 8535 - Revision : 9 - Type : SERVER-MSSQL
2014-01-10 xp_sqlagent_monitor unicode vulnerable function attempt
RuleID : 8534 - Revision : 9 - Type : SERVER-MSSQL
2014-01-10 xp_sqlagent_monitor vulnerable function attempt
RuleID : 8533 - Revision : 9 - Type : SERVER-MSSQL
2014-01-10 xp_sqlagent_monitor unicode vulnerable function attempt
RuleID : 8532 - Revision : 9 - Type : SERVER-MSSQL
2014-01-10 xp_showcolv vulnerable function attempt
RuleID : 8531 - Revision : 10 - Type : SERVER-MSSQL
2014-01-10 xp_showcolv unicode vulnerable function attempt
RuleID : 8530 - Revision : 10 - Type : SERVER-MSSQL
2014-01-10 xp_showcolv unicode vulnerable function attempt
RuleID : 8529 - Revision : 10 - Type : SERVER-MSSQL
2014-01-10 xp_SetSQLSecurity vulnerable function attempt
RuleID : 8528 - Revision : 10 - Type : SERVER-MSSQL
2014-01-10 xp_SetSQLSecurity unicode vulnerable function attempt
RuleID : 8527 - Revision : 10 - Type : SERVER-MSSQL
2014-01-10 xp_SetSQLSecurity unicode vulnerable function attempt
RuleID : 8526 - Revision : 10 - Type : SERVER-MSSQL
2014-01-10 xp_proxiedmetadata vulnerable function attempt
RuleID : 8525 - Revision : 10 - Type : SERVER-MSSQL
2014-01-10 xp_proxiedmetadata unicode vulnerable function attempt
RuleID : 8524 - Revision : 10 - Type : SERVER-MSSQL
2014-01-10 xp_proxiedmetadata unicode vulnerable function attempt
RuleID : 8523 - Revision : 10 - Type : SERVER-MSSQL
2014-01-10 xp_printstatements vulnerable function attempt
RuleID : 8522 - Revision : 10 - Type : SERVER-MSSQL
2014-01-10 xp_printstatements unicode vulnerable function attempt
RuleID : 8521 - Revision : 10 - Type : SERVER-MSSQL
2014-01-10 xp_printstatements unicode vulnerable function attempt
RuleID : 8520 - Revision : 10 - Type : SERVER-MSSQL
2014-01-10 xp_peekqueue vulnerable function attempt
RuleID : 8519 - Revision : 10 - Type : SERVER-MSSQL
2014-01-10 xp_peekqueue unicode vulnerable function attempt
RuleID : 8518 - Revision : 10 - Type : SERVER-MSSQL
2014-01-10 xp_peekqueue unicode vulnerable function attempt
RuleID : 8517 - Revision : 10 - Type : SERVER-MSSQL
2014-01-10 xp_oasetproperty vulnerable function attempt
RuleID : 8516 - Revision : 9 - Type : SERVER-MSSQL
2014-01-10 xp_oasetproperty unicode vulnerable function attempt
RuleID : 8515 - Revision : 9 - Type : SERVER-MSSQL
2014-01-10 xp_oasetproperty unicode vulnerable function attempt
RuleID : 8514 - Revision : 9 - Type : SERVER-MSSQL
2014-01-10 xp_oamethod unicode vulnerable function attempt
RuleID : 8513 - Revision : 9 - Type : SERVER-MSSQL
2014-01-10 xp_oamethod vulnerable function attempt
RuleID : 8512 - Revision : 9 - Type : SERVER-MSSQL
2014-01-10 xp_oamethod unicode vulnerable function attempt
RuleID : 8511 - Revision : 9 - Type : SERVER-MSSQL
2014-01-10 xp_oagetproperty vulnerable function attempt
RuleID : 8510 - Revision : 9 - Type : SERVER-MSSQL
2014-01-10 xp_oagetproperty unicode vulnerable function attempt
RuleID : 8509 - Revision : 7 - Type : SERVER-MSSQL
2014-01-10 xp_oagetproperty unicode vulnerable function attempt
RuleID : 8508 - Revision : 7 - Type : SERVER-MSSQL
2014-01-10 xp_oadestroy vulnerable function attempt
RuleID : 8507 - Revision : 7 - Type : SERVER-MSSQL
2014-01-10 xp_oadestroy unicode vulnerable function attempt
RuleID : 8506 - Revision : 7 - Type : SERVER-MSSQL
2014-01-10 xp_oadestroy unicode vulnerable function attempt
RuleID : 8505 - Revision : 7 - Type : SERVER-MSSQL
2014-01-10 xp_enumresultset vulnerable function attempt
RuleID : 8504 - Revision : 8 - Type : SERVER-MSSQL
2014-01-10 xp_enumresultset unicode vulnerable function attempt
RuleID : 8503 - Revision : 8 - Type : SERVER-MSSQL
2014-01-10 xp_enumresultset unicode vulnerable function attempt
RuleID : 8502 - Revision : 8 - Type : SERVER-MSSQL
2014-01-10 xp_displayparamstmt vulnerable function attempt
RuleID : 8501 - Revision : 8 - Type : SERVER-MSSQL
2014-01-10 xp_displayparamstmt unicode vulnerable function attempt
RuleID : 8500 - Revision : 8 - Type : SERVER-MSSQL
2014-01-10 xp_displayparamstmt unicode vulnerable function attempt
RuleID : 8499 - Revision : 10 - Type : SERVER-MSSQL
2014-01-10 sp_oacreate unicode vulnerable function attempt
RuleID : 8498 - Revision : 9 - Type : SERVER-MSSQL
2014-01-10 sp_oacreate vulnerable function attempt
RuleID : 8497 - Revision : 9 - Type : SERVER-MSSQL
2014-01-10 sp_oacreate unicode vulnerable function attempt
RuleID : 8496 - Revision : 7 - Type : SERVER-MSSQL
2014-01-10 DELETED SQL/SMB xp_enumresultset possible buffer overflow
RuleID : 708 - Revision : 14 - Type : SQL
2014-01-10 xp_proxiedmetadata possible buffer overflow
RuleID : 707 - Revision : 15 - Type : SQL
2014-01-10 xp_peekqueue possible buffer overflow
RuleID : 706 - Revision : 13 - Type : SQL
2014-01-10 xp_showcolv possible buffer overflow
RuleID : 705 - Revision : 13 - Type : SQL
2014-01-10 DELETED SQL/SMB xp_setsqlsecurity possible buffer overflow
RuleID : 703 - Revision : 14 - Type : SQL
2014-01-10 DELETED SQL/SMB xp_displayparamstmt possible buffer overflow
RuleID : 702 - Revision : 14 - Type : SQL
2014-01-10 xp_updatecolvbm possible buffer overflow
RuleID : 701 - Revision : 13 - Type : SQL
2014-01-10 DELETED SQL/SMB xp_updatecolvbm possible buffer overflow
RuleID : 700 - Revision : 14 - Type : SQL
2014-01-10 xp_printstatements possible buffer overflow
RuleID : 699 - Revision : 13 - Type : SQL
2014-01-10 DELETED SQL/SMB xp_proxiedmetadata possible buffer overflow
RuleID : 698 - Revision : 14 - Type : SQL
2014-01-10 DELETED SQL/SMB xp_peekqueue possible buffer overflow
RuleID : 697 - Revision : 14 - Type : SQL
2014-01-10 DELETED SQL/SMB xp_showcolv possible buffer overflow
RuleID : 696 - Revision : 14 - Type : SQL
2014-01-10 DELETED SQL/SMB xp_printstatements possible buffer overflow
RuleID : 690 - Revision : 13 - Type : SQL
2014-01-10 xp_enumresultset possible buffer overflow
RuleID : 682 - Revision : 14 - Type : SQL
2014-01-10 xp_setsqlsecurity possible buffer overflow
RuleID : 675 - Revision : 13 - Type : SQL
2014-01-10 xp_displayparamstmt possible buffer overflow
RuleID : 674 - Revision : 12 - Type : SQL

Sources (Detail)

Source Url
ATSTAKE http://marc.info/?l=bugtraq&m=97570884410184&w=2
BID http://www.securityfocus.com/bid/2043
MS https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00...

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
Date Informations
2024-02-02 01:01:28
  • Multiple Updates
2024-02-01 12:01:14
  • Multiple Updates
2023-09-05 12:01:25
  • Multiple Updates
2023-09-05 01:01:05
  • Multiple Updates
2023-09-02 12:01:26
  • Multiple Updates
2023-09-02 01:01:05
  • Multiple Updates
2023-08-12 12:01:45
  • Multiple Updates
2023-08-12 01:01:05
  • Multiple Updates
2023-08-11 12:01:29
  • Multiple Updates
2023-08-11 01:01:06
  • Multiple Updates
2023-08-06 12:01:21
  • Multiple Updates
2023-08-06 01:01:06
  • Multiple Updates
2023-08-04 12:01:25
  • Multiple Updates
2023-08-04 01:01:06
  • Multiple Updates
2023-07-14 12:01:24
  • Multiple Updates
2023-07-14 01:01:07
  • Multiple Updates
2023-03-29 01:01:22
  • Multiple Updates
2023-03-28 12:01:11
  • Multiple Updates
2022-10-11 12:01:15
  • Multiple Updates
2022-10-11 01:00:59
  • Multiple Updates
2021-05-04 12:01:13
  • Multiple Updates
2021-04-22 01:01:26
  • Multiple Updates
2020-05-23 00:14:29
  • Multiple Updates
2018-10-13 00:22:23
  • Multiple Updates
2016-10-18 12:00:52
  • Multiple Updates
2015-10-23 13:20:11
  • Multiple Updates
2014-02-17 10:23:24
  • Multiple Updates
2014-01-19 21:21:16
  • Multiple Updates
2013-05-11 12:02:15
  • Multiple Updates