oval:org.mitre.oval:def:14213

Definition Id: oval:org.mitre.oval:def:14213

Oval ID:	oval:org.mitre.oval:def:14213
Title:	Memory Page Reuse Vulnerability in SQL Server
Description:	SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 does not initialize memory pages when reallocating memory, which allows database operators to obtain sensitive information (database contents) via unknown vectors related to memory page reuse.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2008-0085	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008	Product(s):	Microsoft SQL Server 2000 Microsoft SQL Server 2005 Microsoft SQL Server 2000 Desktop Engine (WMSDE) Windows Internal Database (WYukon)
Definition Synopsis:
SQL Server 2000 SP4 - GDR SQL Server 2000 is installed AND SQL Server 2000 GDR - the version of sqlservr.exe is greater than 2000.80.2000.0 AND Check if version of Sqlservr.exe is less than 2000.80.2050.0 OR SQL Server 2000 SP4- QFE SQL Server 2000 is installed AND SQL Server 2000 QFE - the version of sqlservr.exe is greater than 2000.80.2000.0 AND Check if version of Sqlservr.exe is less than 2000.80.2273.0 OR SQL Server 2005 SP2 - GDR Check for SQL server 2005 SP2 and Vulnerable sqlservr.exe Microsoft SQL Server 2005 SP2 is installed AND the version of sqlservr.exe is greater than or equal to 2005.90.3042.0 AND Check if version of Sqlservr.exe is less than 2005.90.3068.0 OR Check for SQL server 2005 SP2 and Vulnerable msdtssrvr.exe Microsoft SQL Server 2005 is installed AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\90\DTS\Setup\\SP equals 2 AND Check if version of Msdtssrvr.exe is less than 9.0.3068.0 AND The version of Msdtssrvr.exe is greater than or equal to 9.0.3042.0 OR SQL Server 2005 SP2 - QFE Check for SQL server 2005 SP2 and Vulnerable sqlservr.exe Microsoft SQL Server 2005 SP2 is installed AND the version of sqlservr.exe is greater than or equal to 2005.90.3150.0 AND Check if version of Sqlservr.exe is less than 2005.90.3233.0 OR Check for SQL server 2005 SP2 and Vulnerable msdtssrvr.exe Microsoft SQL Server 2005 is installed AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\90\DTS\Setup\\SP equals 2 AND Check if version of Msdtssrvr.exe is less than 9.0.3233.0 AND The version of Msdtssrvr.exe is greater than or equal to 9.0.3150.0

Definition Id: oval:org.mitre.oval:def:6082

Oval ID:	oval:org.mitre.oval:def:6082
Title:	Microsoft SQL Server 2005 is installed
Description:	Microsoft SQL Server 2005 is installed.
Family:	windows	Class:	inventory
Reference(s):	cpe:/a:microsoft:sql_server:2005	Version:	17
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP	Product(s):	Microsoft SQL Server 2005
Definition Synopsis:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\90\DTS\Setup\\Version is greater than 9.0.0.0 AND SQL Server instance with version between 9.0.0.0 and 10.0.0.0 SQL Server instances with version greater than 9.0.0.0 exist AND SQL Server instances with version less than 10.0.0.0 exist
Referenced By:
oval:org.mitre.oval:def:14213 oval:org.mitre.oval:def:14213

Definition Id: oval:org.mitre.oval:def:8397

Oval ID:	oval:org.mitre.oval:def:8397
Title:	Microsoft SQL Server 2005 SP2 is installed
Description:	Microsoft SQL Server 2005 SP2 is installed.
Family:	windows	Class:	inventory
Reference(s):	cpe:/a:microsoft:sql_server:2005:sp2	Version:	14
Platform(s):	Microsoft Windows Server 2003 Microsoft Windows Server 2008	Product(s):	Microsoft SQL Server 2005
Definition Synopsis:
MS SQL Server 2005 SP2 is installed
Referenced By:
oval:org.mitre.oval:def:14213 oval:org.mitre.oval:def:14213

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0694s

Facebook rss twitter linkedin mail