| Check Point Reference: |
CPAI-2009-008 |
| Date Published: |
10 Feb 2009 |
| Severity: |
High
|
| Last Updated: |
Friday 13 February, 2009 |
| Source: |
Microsoft Security Bulletin MS09-004 |
| Industry Reference: | CVE-2008-5416 |
| Protection Provided by: |
|
| Who is Vulnerable? | SQL Server 2000 SP4
SQL Server 2000 (Itanium) SP4
SQL Server 2005 SP1
SQL Server 2005 SP2
SQL Server 2005 x64 Edition SP1
SQL Server 2005 x64 Edition SP2
SQL Server 2005 with SP1 (Itanium)
SQL Server 2005 with SP2 (Itanium)
Microsoft SQL Server 2000 Desktop Engine (MSDE 2000) SP4
Microsoft SQL Server 2005 Express Edition SP1
Microsoft SQL Server 2005 Express Edition SP2
Microsoft SQL Server 2005 Express Edition with Advanced Services SP1
Microsoft SQL Server 2005 Express Edition with Advanced Services SP2
Microsoft SQL Server 2000 Desktop Engine (WMSDE)
Windows Internal Database (WYukon) SP2 |
| Vulnerability Description |
A remote code execution vulnerability has been reported in Microsoft SQL Server. Microsoft SQL Server is a relational database management system (RDBMS). The flaw is in the way that SQL Server checks parameters in the "sp_replwritetovarbin" extended stored procedure. By sending a specially crafted SQL script to a target server, a remote attacker may trigger this vulnerability to execute arbitrary code on the affected system. |
| Update/Patch Avaliable | Apply patches:
Microsoft Security Bulletin MS09-004 |
| Vulnerability Details | The vulnerability in the MSSQL extended stored procedure, "sp_replwritetovarbin," is due to an invalid parameter check. To exploit this issue, an attacker may create a query that calls the vulnerable extended stored procedure with an invalid parameter. Successful exploitation may allow the attacker to take complete control of an affected system. |
Feedback