Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2003-0231 | First vendor Publication | 2003-08-27 |
Vendor | Cve | Last vendor Modification | 2018-10-12 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Microsoft SQL Server 7, 2000, and MSDE allows local or remote authenticated users to cause a denial of service (crash or hang) via a long request to a named pipe. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0231 |
OVAL Definitions
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2003-07-23 | Microsoft SQL Server 7.0/2000,MSDE Named Pipe Denial Of Service Vulnerability |
2003-07-25 | MS Windows SQL Server Denial of Service Remote Exploit (MS03-031) |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
2299 | Microsoft SQL Server Named Pipe Handling Request Remote DoS Microsoft SQL Server contains a flaw that may allow a remote denial of service. The issue is triggered when overly long SQL query is sent to named pipe. This pipe allows write access to the group "Everyone" and is therefore accessible to anyone that can authenticate, local or remote. Microsoft SQL Server 2000 Pre-SP3 will stop responding and service needs to be restarted in order to answer requests again. While SQL Server 2000 SP3 will appear to function normally but it will become unresponsive to any type of requests, a restart of the host is needed to recover because it is impossible to stop the service. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2003-07-24 | Name : Arbitrary code can be executed on the remote host through the SQL service. File : smb_nt_ms03-031.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2024-08-02 12:02:27 |
|
2024-08-02 01:01:25 |
|
2024-02-02 01:02:14 |
|
2024-02-01 12:01:26 |
|
2023-09-05 12:02:08 |
|
2023-09-05 01:01:17 |
|
2023-09-02 12:02:09 |
|
2023-09-02 01:01:17 |
|
2023-08-12 12:02:38 |
|
2023-08-12 01:01:18 |
|
2023-08-11 12:02:14 |
|
2023-08-11 01:01:19 |
|
2023-08-06 12:02:04 |
|
2023-08-06 01:01:19 |
|
2023-08-04 12:02:07 |
|
2023-08-04 01:01:19 |
|
2023-07-14 12:02:06 |
|
2023-07-14 01:01:19 |
|
2023-03-29 01:02:04 |
|
2023-03-28 12:01:24 |
|
2022-10-11 12:01:52 |
|
2022-10-11 01:01:11 |
|
2021-05-04 12:02:00 |
|
2021-04-22 01:02:08 |
|
2020-05-23 00:15:22 |
|
2018-10-13 00:22:26 |
|
2017-10-11 09:23:16 |
|
2016-04-26 12:31:25 |
|
2014-02-17 10:26:00 |
|
2013-05-11 11:50:54 |
|