Used Microsoft SQL Server 2000 Remote Data Source Function Contains Unchecked Buffers for Windows? Share your experience and help other users.
Developer’s Description
An unchecked buffer exists in the handling of OLE DB provider names in ad hoc connections. A buffer overrun could occur as a result and could be used to either cause the SQL Server service to fail, or to cause code to run in the security context of the SQL Server. SQL Server can be configured to run in various security contexts, and by default runs as a domain user. The precise privileges the attacker could gain would depend on the specific security context that the service runs in.
An attacker could exploit this vulnerability in one of two ways. They could attempt to load and execute a database query that calls one of the affected functions. Conversely, if a web-site or other database front-end were configured to access and process arbitrary queries, it could be possible for an attacker to provide inputs that would cause the query to call one of the functions in question with the appropriate malformed parameters.
Used Microsoft SQL Server 2000 Remote Data Source Function Contains Unchecked Buffers for Windows? Share your experience and help other users.
Explore More
MySQL Connector/ODBC (64-Bit)
Free
UCanAccess
Free
MySQL Connector/NET
Free
Export Query to Text for SQL Server Standard
Trial version
Aqua Data Studio
Trial version
AccessToMysql
Trial version
TxtToDB2
Trial version
SQL Server Comparison Expert
Trial version
DBConvert for MySQL and PostgreSQL
Trial version
Scribes Report Tool
Trial version
Lotus Notes Profiler
Trial version
MySQL Connector/ODBC
Free
