Icon of program: Microsoft SQL Server 2000…

Microsoft SQL Server 2000 Remote Data Source Function Contains Unchecked Buffers for Windows

Used Microsoft SQL Server 2000 Remote Data Source Function Contains Unchecked Buffers for Windows?

Download.com has chosen not to provide a direct-download link for this product and offers this page for informational purposes only.

Editors’ Review

Download.com staff
This security update from Microsoft resolves an unchecked buffer vulnerability in SQL Server 7.0 and 2000. The flaw allows remote code execution or service failure.

  • Pros

    • Enables ad hoc connections to remote data sources.
    • Utilizes OLE DB providers for data access.
    • Allows direct invocation of OLE DB providers in queries.

  • Cons

    • Vulnerable to buffer overrun in OLE DB provider name handling.
    • Potential for SQL Server service to fail.
    • Risk of code execution in SQL Server security context.
    • Exploitable via crafted database queries.
    • Exploitable through front-end applications processing arbitrary queries.
Icon of program: Microsoft SQL Server 2000…

Microsoft SQL Server 2000 Remote Data Source Function Contains Unchecked Buffers for Windows

Used Microsoft SQL Server 2000 Remote Data Source Function Contains Unchecked Buffers for Windows?

Explore More

Full Specifications

GENERAL
Release
Latest update
Version
Q316333
OPERATING SYSTEMS
Platform
Windows
Operating System
  • Windows 10
  • Windows XP
  • Windows 98
  • Windows 2000
Additional Requirements
MS SQL Server 2000
POPULARITY
Total Downloads
198
Downloads Last Week
0
Report Software

Program available in other languages

Last Updated

Developer’s Description

By Microsoft
Security patch
One of the features of Structured Query Language (SQL) in SQL Server 7.0 and 2000 is the ability to connect to remote data sources. One capability of this feature is the ability to use �???�??�?�¢??ad hoc�???�??�?�¢?? connections to connect to remote data sources without setting up a linked server for less-often used data-sources. This is made possible through the use of OLE DB providers, which are low-level data source providers. This capability is made possible by invoking the OLE DB provider directly by name in a query to connect to the remote data source.

An unchecked buffer exists in the handling of OLE DB provider names in ad hoc connections. A buffer overrun could occur as a result and could be used to either cause the SQL Server service to fail, or to cause code to run in the security context of the SQL Server. SQL Server can be configured to run in various security contexts, and by default runs as a domain user. The precise privileges the attacker could gain would depend on the specific security context that the service runs in.

An attacker could exploit this vulnerability in one of two ways. They could attempt to load and execute a database query that calls one of the affected functions. Conversely, if a web-site or other database front-end were configured to access and process arbitrary queries, it could be possible for an attacker to provide inputs that would cause the query to call one of the functions in question with the appropriate malformed parameters.

Download.com
Your review for Microsoft SQL Server 2000 Remote Data Source Function Contains Unchecked Buffers