Buffer Overflow in Microsoft SQL Server 2000 and MSDE
CVE-2000-1088

Currently unrated

Key Information:

Vendor

Microsoft
Status
Sql Server
Data Engine
Vendor
CVE Published:
9 January 2001

What is CVE-2000-1088?

The vulnerability in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) arises from improper buffer length restrictions in the xp_SetSQLSecurity function. This oversight allows attackers to exploit the srv_paraminfo function within the SQL Server API for Extended Stored Procedures. As a result, this can lead to a denial of service or enable the execution of arbitrary commands on the affected system, potentially compromising its integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/2043
vdb-entryx_refsource_BID
http://marc.info/?l=bugtraq&m=97570884410184&w=2
vendor-advisoryx_refsource_ATSTAKE
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS

EPSS Score

27% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.