CVE-2000-1082

4 documents4 sources

Severity

4.6MEDIUM

EPSS

43.1%

top 2.51%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Data Engine Microsoft SQL Server

Timeline

PublishedJan 9

Latest updateApr 30

Description

The xp_enumresultset function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages2 packages

▶NVDmicrosoft/sql_server2000, 7.0+1

▶NVDmicrosoft/data_engine1.0, 2000+1

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-559q-jfjp-2w9j: The xp_enumresultset function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before ca↗2022-04-30

▶

CVEList

CVE-2000-1082: The xp_enumresultset function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before ca↗2000-12-19

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Windows NT 4.0/2000 - TCP/IP Printing Service Denial of Service↗2000-03-30

▶