Oval Definition:oval:org.mitre.oval:def:13936
Revision Date:2013-10-07
Version:10
Title:Memory Corruption Vulnerability in SQL Server
Description:Integer underflow in SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 allows remote authenticated users to execute arbitrary code via a (1) SMB or (2) WebDAV pathname for an on-disk file (aka stored backup file) with a crafted record size value, which triggers a heap-based buffer overflow, aka "SQL Server Memory Corruption Vulnerability."
Family:windows
Class:vulnerability
Status:ACCEPTED
Reference(s):CVE-2008-0107
Platform(s):Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Product(s):Microsoft SQL Server 2000
Microsoft SQL Server 2000 Desktop Engine (WMSDE)
Microsoft SQL Server 2005
Windows Internal Database (WYukon)
Definition Synopsis
  • SQL Server 2000 SP4 - GDR
      • SQL Server 2000 is installed
      • AND SQL Server 2000 GDR - the version of sqlservr.exe is greater than 2000.80.2000.0
      • AND Check if version of Sqlservr.exe is less than 2000.80.2050.0
  • OR SQL Server 2000 SP4 - QFE
      • SQL Server 2000 is installed
      • AND SQL Server 2000 GDR - the version of sqlservr.exe is greater than 2000.80.2000.0
      • AND Check if version of Sqlservr.exe is less than 2000.80.2273.0
  • OR SQL Server 2005 SP2 - GDR
      • Check for SQL server 2005 SP2 and Vulnerable sqlservr.exe
          • Microsoft SQL Server 2005 SP2 is installed
          • AND The version of Sqlservr.exe is greater than or equal to 2005.90.3042.0
          • AND Check if version of Sqlservr.exe is less than 2005.90.3068.0
      • OR Check for SQL server 2005 SP2 and Vulnerable msdtssrvr.exe
          • Microsoft SQL Server 2005 is installed
          • AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\90\DTS\Setup\\SP equals 2
          • AND Check if version of Msdtssrvr.exe is less than 9.0.3068.0
          • AND The version of Msdtssrvr.exe is greater than or equal to 9.0.3042.0
  • OR SQL Server 2005 SP2 - QFE
      • Check for SQL server 2005 SP2 and Vulnerable sqlservr.exe
          • Microsoft SQL Server 2005 SP2 is installed
          • AND The version of Sqlservr.exe is greater than or equal to 2005.90.3150.0
          • AND Check if version of Sqlservr.exe is less than 2005.90.3233.0
      • OR Check for SQL server 2005 SP2 and Vulnerable msdtssrvr.exe
          • Microsoft SQL Server 2005 is installed
          • AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\90\DTS\Setup\\SP equals 2
          • AND Check if version of Msdtssrvr.exe is less than 9.0.3233.0
          • AND The version of Msdtssrvr.exe is greater than or equal to 9.0.3150.0