ie8 fix
Click Here

Microsoft Security Bulletin MS02-039

Publisher's Description

From Microsoft:

SQL Server 2000 introduces the ability to host multiple instances of SQL Server on a single physical machine. Each instance operates for all intents and purposes as though it was a separate server. However, the multiple instances cannot all use the standard SQL Server session port (TCP 1433). While the default instance listens on TCP port 1433, named instances listen on any port assigned to them. The SQL Server Resolution Service, which operates on UDP port 1434, provides a way for clients to query for the appropriate network endpoints to use for a particular SQL Server instance. There are three security vulnerabilities here. The first two are buffer overruns. By sending a carefully crafted packet to the Resolution Service, an attacker could cause portions of system memory (the heap in one case, the stack in the other) to be overwritten. Overwriting it with random data would likely result in the failure of the SQL Server service; overwriting it with carefully selected data could allow the attacker to run code in the security context of the SQL Server service. The third vulnerability is a denial of service vulnerability. SQL uses a keep-alive mechanism to distinguish between active and passive instances. It is possible to create a keep-alive packet that, when sent to the Resolution Service, will cause SQL Server 2000 to respond with the same information. An attacker who created such a packet, spoofed the source address so that it appeared to come from a one SQL Server 2000 system, and sent it to a neighboring SQL Server 2000 system could cause the two systems to enter a never-ending cycle of keep-alive packet exchanges. This would consume resources on both systems, slowing performance considerably. Mitigating factors: Buffer Overruns in SQL Server Resolution Service:

  • SQL Server 2000 runs in a security context chosen by the administrator at installation time. By default, it runs as a Domain User. Thus, although the attackers code could take any desired action on the database, it would not necessarily have significant privileges at the operating system level if best practices have been followed.
  • The risk posed by the vulnerability could be mitigated by, if feasible, blocking port 1434 at the firewall.
Denial of Service via SQL Server Resolution Service:
  • An attack could be broken off by restarting the SQL Server 2000 service on either of the affected systems. Normal processing on both systems would resume once the attack ceased.
  • The vulnerability provides no way to gain any privileges on the system. It is a denial of service vulnerability only.

 
Make clusters faster
Tune cluster performance with Intel® Cluster Studio XE
Download Now

More Popular Database Software downloads

  1. Oracle Database 10g Express Edition

    3,037 downloads

  2. MySQL Database Server

    2,813 downloads

  3. PL/SQL Developer

    1,551 downloads

  4. Navicat Premium Essentials (Multiple Databases GUI)

    1,466 downloads

  5. Crystal Reports

    1,219 downloads

 
Try Windows Azure.
Build, host and scale applications in the cloud.
Download Now
All User Reviews

Add Your Review

or Log in or create an account to post a review.
You are logged in as . Please submit your review for Microsoft Security Bulletin MS02-039 Q323875
Add Your Review

The posting of advertisements, profanity, or personal attacks is prohibited.
Click here to review our site terms of use.

Submit your reply

Submit

The posting of advertisements, profanity, or personal attacks is prohibited.
Click here to review our site terms of use.

cancel

E-mail this review

Submit cancel

Report offensive content

If you believe this comment is offensive or violates the CNET's Site Terms of Use, you can report it below (this will not automatically remove the comment). Once reported, our staff will be notified and the comment will be reviewed.

Select type of offense:

Offensive: Sexually explicit or offensive language
Spam: Advertisements or commercial links
Disruptive posting: Flaming or offending other users
Illegal activities: Promote cracked software, or other illegal content
Submit cancel

See more CNET content tagged:

Microsoft SQL Server,
Microsoft SQL Server 2000,
denial of service,
instance,
packet

Error

close

ERROR MESSAGE

If you think this is an error, please contact CNET TechTracker Support for further assistance.

Ok

Running Request

close

loading

Smart Install Software

close

CNET TechTracker will now automatically install software without requiring further action by you. (Note: This feature automatically accepts associated EULAs and third party applications on your behalf.)

You have selected the following software to Smart Install:

CNET TechTracker will attempt to install this software without interrupting you again. If an application requires manual installation, CNET TechTracker will download the installer and prompt you to take further action.

Proceed with Smart Install?

Confirm Standard Install Cancel

Submit a problem report for Microsoft Security Bulletin MS02-039

close

Please describe the problem you have with this software. This information will be sent to our editors for review.

Problem:

The CNET Installer isn't working as expected

The download link does not work

The software has a newer version

The software contains malware

Other

Description:

Please select a feedback type.

Please enter a description.

Submit Problem Report

Problem Report submitted

close

Thank you for submitting a problem report! The Download team is committed to providing you with accurate software information.

OK