Used Microsoft SQL Server 2000 Remote Data Source Function Contains Unchecked Buffers for Windows? Share your experience and help other users.
Developer’s Description
An unchecked buffer exists in the handling of OLE DB provider names in ad hoc connections. A buffer overrun could occur as a result and could be used to either cause the SQL Server service to fail, or to cause code to run in the security context of the SQL Server. SQL Server can be configured to run in various security contexts, and by default runs as a domain user. The precise privileges the attacker could gain would depend on the specific security context that the service runs in.
An attacker could exploit this vulnerability in one of two ways. They could attempt to load and execute a database query that calls one of the affected functions. Conversely, if a web-site or other database front-end were configured to access and process arbitrary queries, it could be possible for an attacker to provide inputs that would cause the query to call one of the functions in question with the appropriate malformed parameters.
Used Microsoft SQL Server 2000 Remote Data Source Function Contains Unchecked Buffers for Windows? Share your experience and help other users.
Explore More
Cross-Database Comparator Pro
Trial version
Oracle Data Sync
Trial version
dbForge Index Manager for SQL Server
Trial version
DB2 Data Sync
Trial version
Firebird Code Factory
Trial version
Viobo MSSQL to MySQL Data Migrator Business
Trial version
ASA Data Sync
Trial version
myDBR
Trial version
SysInfoTools SQLite File Viewer
Free
MaxDB Data Sync
Trial version
SQLite Data Sync
Trial versiondbMonitor
Free
