Executive Summary

Informations
Name CVE-2008-5416 First vendor Publication 2008-12-10
Vendor Cve Last vendor Modification 2018-10-12

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:C/I:C/A:C)
Cvss Base Score 9 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 8 Authentication Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server 2003 SP1 and SP2; and Windows Internal Database (WYukon) SP2 allows remote authenticated users to cause a denial of service (access violation exception) or execute arbitrary code by calling the sp_replwritetovarbin extended stored procedure with a set of invalid parameters that trigger memory overwrite, aka "SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability."

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5416

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:6217
 
Oval ID: oval:org.mitre.oval:def:6217
Title: SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability
Description: Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server 2003 SP1 and SP2; and Windows Internal Database (WYukon) SP2 allows remote authenticated users to cause a denial of service (access violation exception) or execute arbitrary code by calling the sp_replwritetovarbin extended stored procedure with a set of invalid parameters that trigger memory overwrite, aka "SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-5416
Version: 9
Platform(s): Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Product(s): Microsoft SQL Server 2000
Microsoft SQL Server 2005
Microsoft SQL Server 2000 Desktop Engine (WMSDE)
Windows Internal Database (WYukon)
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 2

SAINT Exploits

Description Link
Microsoft SQL Server spreplwritetovarbin Buffer Overflow More info here

ExploitDB Exploits

id Description
2011-02-08 Microsoft SQL Server sp_replwritetovarbin Memory Corruption via SQL Injection
2011-01-24 Microsoft SQL Server sp_replwritetovarbin Memory Corruption

OpenVAS Exploits

Date Description
2012-03-16 Name : VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCe...
File : nvt/gb_VMSA-2011-0003.nasl
2008-12-16 Name : Microsoft SQL Server sp_replwritetovarbin() BOF Vulnerability
File : nvt/gb_mssql_sp_replwritetovarbin_bof_vuln.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
50589 Microsoft SQL Server 2000 sp_replwritetovarbin() Stored Procedure Overflow

An overflow exists in Microsoft SQL Server 2000. The sp_replwritetovarbin() stored procedure fails to check invalid parameters, trigger memory overwrite, resulting in a heap overflow. With a specially crafted request, an attacker can cause a denial of service or execute arbitrary code resulting in a loss of integrity and/or availability.

Information Assurance Vulnerability Management (IAVM)

Date Description
2011-05-12 IAVM : 2011-A-0066 - Multiple Vulnerabilities in VMware Products
Severity : Category I - VMSKEY : V0027158
2009-02-12 IAVM : 2009-A-0012 - Microsoft SQL Server Remote Code Execution Vulnerability
Severity : Category I - VMSKEY : V0018387

Snort® IPS/IDS

Date Description
2014-01-10 sp_replwritetovarbin vulnerable function attempt
RuleID : 15144 - Revision : 12 - Type : SERVER-MSSQL
2014-01-10 sp_replwritetovarbin unicode vulnerable function attempt
RuleID : 15143 - Revision : 15 - Type : SERVER-MSSQL
2014-01-10 Microsoft Windows SMB sp_replwritetovarbin vulnerable function unicode attempt
RuleID : 15142 - Revision : 9 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows SMB sp_replwritetovarbin vulnerable function unicode andx a...
RuleID : 15141 - Revision : 9 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows SMB sp_replwritetovarbin vulnerable function attempt
RuleID : 15140 - Revision : 9 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows SMB sp_replwritetovarbin vulnerable function andx attempt
RuleID : 15139 - Revision : 9 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX unic...
RuleID : 15138 - Revision : 9 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX unic...
RuleID : 15137 - Revision : 9 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX attempt
RuleID : 15136 - Revision : 9 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX andx...
RuleID : 15135 - Revision : 9 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows SMB sp_replwritetovarbin vulnerable function unicode attempt
RuleID : 15134 - Revision : 10 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows SMB sp_replwritetovarbin vulnerable function unicode andx a...
RuleID : 15133 - Revision : 10 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows SMB sp_replwritetovarbin vulnerable function attempt
RuleID : 15132 - Revision : 10 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows SMB sp_replwritetovarbin vulnerable function andx attempt
RuleID : 15131 - Revision : 10 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX unic...
RuleID : 15130 - Revision : 10 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX unic...
RuleID : 15129 - Revision : 10 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX attempt
RuleID : 15128 - Revision : 10 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX andx...
RuleID : 15127 - Revision : 10 - Type : OS-WINDOWS

Nessus® Vulnerability Scanner

Date Description
2016-03-04 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_VMSA-2011-0003_remote.nasl - Type : ACT_GATHER_INFO
2011-02-14 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2011-0003.nasl - Type : ACT_GATHER_INFO
2009-02-11 Name : A database application installed on the remote host is affected by a remote c...
File : smb_kb959420.nasl - Type : ACT_GATHER_INFO
2009-02-11 Name : Arbitrary code can be executed on the remote host through Microsoft SQL Server.
File : smb_nt_ms09-004.nasl - Type : ACT_GATHER_INFO
2003-01-26 Name : The remote host has a database server installed.
File : mssql_version.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/32710
BUGTRAQ http://www.securityfocus.com/archive/1/499042/100/0/threaded
http://www.securityfocus.com/archive/1/499085/100/0/threaded
http://www.securityfocus.com/archive/1/516397/100/0/threaded
CERT http://www.us-cert.gov/cas/techalerts/TA09-041A.html
CERT-VN http://www.kb.cert.org/vuls/id/696644
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2009-055.htm
http://www.microsoft.com/technet/security/advisory/961040.mspx
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
EXPLOIT-DB https://www.exploit-db.com/exploits/7501
FULLDISC http://archives.neohapsis.com/archives/fulldisclosure/2008-12/0304.html
MISC http://www.sec-consult.com/files/20081209_mssql-2000-sp_replwritetovarbin_mem...
MS https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09...
OSVDB http://osvdb.org/50917
OVAL https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
SECTRACK http://securitytracker.com/id?1021363
http://securitytracker.com/id?1021490
SECUNIA http://secunia.com/advisories/33034
SREASON http://securityreason.com/securityalert/4706
VUPEN http://www.vupen.com/english/advisories/2008/3380
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/47182

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
Date Informations
2024-02-02 01:09:52
  • Multiple Updates
2024-02-01 12:02:52
  • Multiple Updates
2023-09-05 12:09:13
  • Multiple Updates
2023-09-05 01:02:43
  • Multiple Updates
2023-09-02 12:09:19
  • Multiple Updates
2023-09-02 01:02:44
  • Multiple Updates
2023-08-12 12:10:57
  • Multiple Updates
2023-08-12 01:02:44
  • Multiple Updates
2023-08-11 12:09:22
  • Multiple Updates
2023-08-11 01:02:50
  • Multiple Updates
2023-08-06 12:08:59
  • Multiple Updates
2023-08-06 01:02:45
  • Multiple Updates
2023-08-04 12:09:04
  • Multiple Updates
2023-08-04 01:02:48
  • Multiple Updates
2023-07-14 12:09:02
  • Multiple Updates
2023-07-14 01:02:45
  • Multiple Updates
2023-03-29 01:10:17
  • Multiple Updates
2023-03-28 12:02:51
  • Multiple Updates
2022-10-11 12:08:02
  • Multiple Updates
2022-10-11 01:02:35
  • Multiple Updates
2021-05-04 12:08:31
  • Multiple Updates
2021-04-22 01:08:52
  • Multiple Updates
2020-05-23 13:16:51
  • Multiple Updates
2020-05-23 00:22:42
  • Multiple Updates
2018-10-13 00:22:45
  • Multiple Updates
2018-10-12 00:20:31
  • Multiple Updates
2017-09-29 09:23:51
  • Multiple Updates
2017-08-08 09:24:33
  • Multiple Updates
2016-06-28 17:22:17
  • Multiple Updates
2016-04-26 18:06:30
  • Multiple Updates
2016-03-05 13:26:42
  • Multiple Updates
2014-02-17 10:47:35
  • Multiple Updates
2014-01-19 21:25:28
  • Multiple Updates
2013-11-11 12:38:08
  • Multiple Updates
2013-05-11 00:32:11
  • Multiple Updates