CVE-2000-1086

4 documents4 sources

Severity

4.6MEDIUM

EPSS

43.1%

top 2.51%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Data Engine Microsoft SQL Server

Timeline

PublishedJan 9

Latest updateApr 30

Description

The xp_printstatements function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages2 packages

▶NVDmicrosoft/sql_server2000, 7.0+1

▶NVDmicrosoft/data_engine1.0, 2000+1

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-mf6v-4fxg-pwvj: The xp_printstatements function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer be↗2022-04-30

▶

CVEList

CVE-2000-1086: The xp_printstatements function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer be↗2000-12-19

▶

🔍Detection Rules

Suricata

GPL SQL xp_printstatements possible buffer overflow↗2010-09-23

▶