Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2002-1137 | First vendor Publication | 2002-10-11 |
Vendor | Cve | Last vendor Modification | 2018-10-12 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Buffer overflow in the Database Console Command (DBCC) that handles user inputs in Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine (MSDE) 1.0 and Microsoft Desktop Engine (MSDE) 2000, allows attackers to execute arbitrary code via a long SourceDB argument in a "non-SQL OLEDB data source" such as FoxPro, a variant of CAN-2002-0644. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1137 |
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2010-04-30 | Microsoft SQL Server Hello Overflow |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
10131 | Microsoft SQL Server DBCC SourceDB Argument Arbitrary Command Execution |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Microsoft SQL Server 2000 Server hello buffer overflow attempt RuleID : 11264 - Revision : 10 - Type : SERVER-MSSQL |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2003-01-25 | Name : The remote database server is affected by multiple buffer overflows. File : mssql_litchfield_overflows.nasl - Type : ACT_GATHER_INFO |
2002-08-07 | Name : The remote database server is affected by a remote command execution vulnerab... File : mssql_hello_overflow.nasl - Type : ACT_DESTRUCTIVE_ATTACK |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2024-02-02 01:02:04 |
|
2024-02-01 12:01:22 |
|
2023-09-05 12:01:58 |
|
2023-09-05 01:01:13 |
|
2023-09-02 12:01:59 |
|
2023-09-02 01:01:14 |
|
2023-08-12 12:02:22 |
|
2023-08-12 01:01:14 |
|
2023-08-11 12:02:04 |
|
2023-08-11 01:01:15 |
|
2023-08-06 12:01:54 |
|
2023-08-06 01:01:15 |
|
2023-08-04 12:01:58 |
|
2023-08-04 01:01:15 |
|
2023-07-14 12:01:56 |
|
2023-07-14 01:01:15 |
|
2023-03-29 01:01:55 |
|
2023-03-28 12:01:20 |
|
2022-10-11 12:01:44 |
|
2022-10-11 01:01:07 |
|
2021-05-04 12:01:45 |
|
2021-04-22 01:01:53 |
|
2020-05-23 00:15:05 |
|
2018-10-13 00:22:26 |
|
2017-10-10 09:23:24 |
|
2014-02-17 10:25:05 |
|
2013-05-11 12:11:57 |
|