Denial of Service Vulnerability in Microsoft SQL Server 7 and 2000
CVE-2003-0231

Currently unrated

Key Information:

Vendor
Microsoft
Status
Sql Server
Data Engine
Vendor
CVE Published:
27 August 2003

Summary

Microsoft SQL Server versions 7 and 2000, along with MSDE, are susceptible to a vulnerability that allows authenticated users to exploit named pipes. By sending a long request to a named pipe, these users can cause the server to crash or become unresponsive. This vulnerability underscores the importance of securing authentic access and closely monitoring request lengths in network communications.

References

http://www.atstake.com/research/advisories/2003/a072303-2...
vendor-advisoryx_refsource_ATSTAKE
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS

EPSS Score

23% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2003-0231 : Denial of Service Vulnerability in Microsoft SQL Server 7 and 2000 | SecurityVulnerability.io