Denial of Service Vulnerability in Microsoft SQL Server 7 and 2000
CVE-2003-0231

Currently unrated

Key Information:

Vendor: Microsoft
Status: Sql Server; Data Engine
Vendor: CVE Published:; 27 August 2003

What is CVE-2003-0231?

Microsoft SQL Server versions 7 and 2000, along with MSDE, are susceptible to a vulnerability that allows authenticated users to exploit named pipes. By sending a long request to a named pipe, these users can cause the server to crash or become unresponsive. This vulnerability underscores the importance of securing authentic access and closely monitoring request lengths in network communications.

References

http://www.atstake.com/research/advisories/2003/a072303-2...

vendor-advisoryx_refsource_ATSTAKE

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

23% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 27, 2003
Vulnerability Reserved
Apr 30, 2003