|
Family: Windows : Microsoft Bulletins --> Category: infos
Cumulative Patch for MS SQL Server (815495) Vulnerability Scan
Vulnerability Scan Summary Microsoft's SQL Version Query
Detailed Explanation for this Vulnerability Test
Synopsis :
Arbitrary code can be executed on the remote host through SQL service.
Description :
The remote Microsoft SQL server is vulnerable to several flaws :
- Named pipe hijacking
- Named Pipe Denial of Service
- SQL server buffer overrun
These flaws may allow a user to gain elevated rights on this
host.
Solution :
Microsoft has released a set of patches for MSSQL 7 and 2000 :
http://www.microsoft.com/technet/security/bulletin/ms03-031.mspx
Threat Level:
High / CVSS Base Score : 8
(AV:R/AC:H/Au:NR/C:C/A:C/I:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|