OVAL Definition: oval:org.mitre.oval:def:13785
Revision Date: 2013-10-07
Version: 9
Title: Buffer Overrun Vulnerability in SQL Server
Description: Buffer overflow in Microsoft SQL Server 2005 SP1 and SP2, and 2005 Express Edition SP1 and SP2, allows remote authenticated users to execute arbitrary code via a crafted insert statement.
Family: windows
Class: vulnerability
Status: ACCEPTED
Reference(s): CVE-2008-0106
Platform(s): Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Product(s): Microsoft SQL Server 2005
Definition Synopsis
  • SQL Server 2005 SP2 - GDR
    • Check for SQL server 2005 SP2 and Vulnerable sqlservr.exe
      • Microsoft SQL Server 2005 SP2 is installed
      • AND The version of Sqlservr.exe is greater than or equal to 2005.90.3042.0
      • AND Check if version of Sqlservr.exe is less than 2005.90.3068.0
    • OR Check for SQL server 2005 SP2 and Vulnerable msdtssrvr.exe
      • Microsoft SQL Server 2005 is installed
      • AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\90\DTS\Setup\\SP equals 2
      • AND Check if version of Msdtssrvr.exe is less than 9.0.3068.0
      • AND The version of Msdtssrvr.exe is greater than or equal to 9.0.3042.0
  • OR SQL Server 2005 SP2 - QFE
    • Check for SQL server 2005 SP2 and Vulnerable sqlservr.exe
      • Microsoft SQL Server 2005 SP2 is installed
      • AND The version of Sqlservr.exe is greater than or equal to 2005.90.3150.0
      • AND Check if version of Sqlservr.exe is less than 2005.90.3233.0
    • OR Check for SQL server 2005 SP2 and Vulnerable msdtssrvr.exe
      • Microsoft SQL Server 2005 is installed
      • AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\90\DTS\Setup\\SP equals 2
      • AND Check if version of Msdtssrvr.exe is less than 9.0.3233.0
      • AND The version of Msdtssrvr.exe is greater than or equal to 9.0.3150.0