RULE(RULE ID:1605129)

Rule General Information
Release Date: 2010-09-23
Rule Name: GPL SQL Slammer Worm propagation Vulnerability (CVE-2002-0649)
Severity:
CVE ID:
Rule Protection Details
Description: Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 (MSDE) allow remote attackers to cause a denial of service or execute arbitrary code via UDP packets to port 1434 in which (1) a 0x04 byte causes the SQL Monitor thread to generate a long registry key name, or (2) a 0x08 byte with a long string causes heap corruption, as exploited by the Slammer/Sapphire worm.
Impact: A problem in the SQL Server Resolution Service allows a remote attacker to execute arbitrary code on a vulnerable host. The attacker could exploit a heap-based buffer overflow in the resolution service by sending a maliciously crafted UDP packet to port 1434.
Affected OS: Windows, Linux, FreeBSD, Solaris, Other Unix, Network Device, Mac OS, iOS, Android, Others
Reference: SecurityFocus BID: 5310
http://marc.info/?l=bugtraq&m=102760196931518&w=2
http://marc.info/?l=ntbugtraq&m=102760479902411&w=2
http://www.cert.org/advisories/CA-2002-22.html
Solutions
Applying a patch eliminates this problem. For details, please visit:
https://www.securityfocus.com/bid/5310/solution