New Search

Unchecked Buffer in Password Encryption Procedure

oval:org.mitre.oval:def:291

Buffer overflow in the password encryption function of Microsoft SQL Server 2000 including Microsoft SQL Server Desktop Engine (MSDE) 2000 allows remote attackers to gain control of the database and execute arbitrary code via SQL Server Authentication aka "Unchecked Buffer in Password Encryption Procedure."

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 2000
Class:
vulnerability
Reference(s):
  • CVE-2002-0624
Product(s):
  • Microsoft SQL Server 2000 Desktop Engine (WMSDE)
  • Microsoft SQL Server 2000