Vulnerability Name:
CVE-2008-0106 (CCN-41462)
Assigned:
2008-07-08
Published:
2008-07-08
Updated:
2018-10-15
Summary:
Buffer overflow in Microsoft SQL Server 2005 SP1 and SP2, and 2005 Express Edition SP1 and SP2, allows remote authenticated users to execute arbitrary code via a crafted insert statement.
CVSS v3 Severity:
5.5 Medium
(CCN CVSS v3.1 Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
)
Exploitability Metrics:
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
Low
User Interaction (UI):
Required
Scope:
Scope (S):
Unchanged
Impact Metrics:
Confidentiality (C):
Low
Integrity (I):
Low
Availibility (A):
Low
CVSS v2 Severity:
9.0 High
(CVSS v2 Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C
)
6.7 Medium
(Temporal CVSS v2 Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C/E:U/RL:OF/RC:C
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Low
Authentication (Au):
Single_Instance
Impact Metrics:
Confidentiality (C):
Complete
Integrity (I):
Complete
Availibility (A):
Complete
6.5 Medium
(CCN CVSS v2 Vector:
AV:N/AC:L/Au:S/C:P/I:P/A:P
)
4.8 Medium
(CCN Temporal CVSS v2 Vector:
AV:N/AC:L/Au:S/C:P/I:P/A:P/E:U/RL:OF/RC:C
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Low
Athentication (Au):
Single_Instance
Impact Metrics:
Confidentiality (C):
Partial
Integrity (I):
Partial
Availibility (A):
Partial
Vulnerability Type:
CWE-119
Vulnerability Consequences:
Gain Privileges
References:
Source: MITRE
Type: CNA
CVE-2008-0106
Source: CCN
Type: HP Security Bulletin HPSBST02350 SSRT080102 rev.1
Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-037 to MS08-040
Source: CCN
Type: SA30970
Microsoft SQL Server and MSDE Multiple Vulnerabilities
Source: SECUNIA
Type: UNKNOWN
30970
Source: CCN
Type: SA43206
VMware vCenter Server / Update Manager SQL Express Multiple Vulnerabilities
Source: CCN
Type: SECTRACK ID: 1020441
Microsoft SQL Server Bugs Let Remote Authenticated Users Obtain Information and Execute Arbitrary Code
Source: CCN
Type: ASA-2008-291
MS08-040 Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203)
Source: CCN
Type: NORTEL BULLETIN ID: 2008008958, Rev 1
Centrex IP Client Manager (CICM) response to Microsoft July security bulletin
Source: CCN
Type: Microsoft Security Bulletin MS08-040
Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203)
Source: CCN
Type: Microsoft Security Bulletin MS09-004
Vulnerability in Microsoft SQL Server Could Allow Remote Code Execution (959420)
Source: BUGTRAQ
Type: UNKNOWN
20080708 Re: [Full-disclosure] iDefense Security Advisory 07.08.08: Microsoft SQL Server Restore Integer Underflow Vulnerability
Source: BUGTRAQ
Type: UNKNOWN
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Source: CCN
Type: BID-30118
Microsoft SQL Server INSERT Statement Remote Memory Corruption Vulnerability
Source: SECTRACK
Type: UNKNOWN
1020441
Source: CERT
Type: US Government Resource
TA08-190A
Source: CCN
Type: VMSA-2011-0003
Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Source: CONFIRM
Type: UNKNOWN
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
Source: CONFIRM
Type: UNKNOWN
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
Source: VUPEN
Type: UNKNOWN
ADV-2008-2022
Source: MS
Type: UNKNOWN
MS08-040
Source: XF
Type: UNKNOWN
mssql-memory-insert-bo(41462)
Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:13785
Vulnerable Configuration:
Configuration 1
:
cpe:/a:microsoft:data_engine:1.0:sp4:*:*:*:*:*:*
OR
cpe:/a:microsoft:sql_server:7.0:sp4:*:*:*:*:*:*
OR
cpe:/a:microsoft:sql_server:2000:sp4:*:*:*:*:*:*
OR
cpe:/a:microsoft:sql_server:2005:sp2:*:*:*:*:*:*
OR
cpe:/a:microsoft:sql_server_desktop_engine:2000:sp4:*:*:*:*:*:*
OR
cpe:/a:microsoft:sql_server_express_edition:2005:sp2:*:*:*:*:*:*
Configuration CCN 1
:
cpe:/a:microsoft:sql_server:2005:sp1:*:*:*:*:*:*
OR
cpe:/a:microsoft:sql_server:2005:sp2:*:*:*:*:*:*
OR
cpe:/a:microsoft:sql_server:2005:sp2:x64:*:*:*:*:*
OR
cpe:/a:microsoft:sql_server:2005:sp1:x64:*:*:*:*:*
OR
cpe:/a:microsoft:sql_server:2005:sp2:itanium:*:*:*:*:*
OR
cpe:/a:microsoft:sql_server:2005:sp1:itanium:*:*:*:*:*
OR
cpe:/a:microsoft:sql_server:2005:sp2:express:*:*:*:*:*
OR
cpe:/a:microsoft:sql_server:2005:sp1:express:*:*:*:*:*
AND
cpe:/a:vmware:vcenter_update_manager:4.0:*:*:*:*:*:*:*
OR
cpe:/a:vmware:vcenter_server:4.1:*:*:*:*:*:*:*
Denotes that component is vulnerable
Oval Definitions
Definition ID
Class
Title
Last Modified
oval:org.mitre.oval:def:13785
V
Buffer Overrun Vulnerability in SQL Server
2013-10-07
BACK
microsoft
data engine 1.0 sp4
microsoft
sql server 7.0 sp4
microsoft
sql server 2000 sp4
microsoft
sql server 2005 sp2
microsoft
sql server desktop engine 2000 sp4
microsoft
sql server express edition 2005 sp2
microsoft
sql server 2005 sp1
microsoft
sql server 2005 sp2
microsoft
sql server 2005 sp2
microsoft
sql server 2005 sp1
microsoft
sql server 2005 sp2
microsoft
sql server 2005 sp1
microsoft
sql server 2005 sp2
microsoft
sql server 2005 sp1
vmware
vcenter update manager 4.0
vmware
vcenter server 4.1
Denotes that component is vulnerable