Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2000-1209

9 documents5 sources

Severity

10.0CRITICAL

EPSS

88.4%

top 0.50%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Compaq Insight Manager Compaq Insight Manager XE Microsoft Data Engine +1 more

Timeline

PublishedAug 12

Latest updateApr 30

Description

The "sa" account is installed with a default null password on (1) Microsoft SQL Server 2000, (2) SQL Server 7.0, and (3) Data Engine (MSDE) 1.0, including third party packages that use these products such as (4) Tumbleweed Secure Mail (MMS) (5) Compaq Insight Manager, and (6) Visio 2000, which allows remote attackers to gain privileges, as exploited by worms such as Voyager Alpha Force and Spida.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages4 packages

▶NVDmicrosoft/data_engine1.0

▶NVDcompaq/insight_manager7.0

▶NVDcompaq/insight_manager_xe6 versions+5

▶NVDmicrosoft/msde2000

Patches

Patch: www.iss.net ↗Patch: www.kb.cert.org ↗Patch: www.iss.net ↗

🔴Vulnerability Details

GHSA

GHSA-hwwv-vx36-7jpp: The "sa" account is installed with a default null password on (1) Microsoft SQL Server 2000, (2) SQL Server 7↗2022-04-30

▶

CVEList

CVE-2000-1209: The "sa" account is installed with a default null password on (1) Microsoft SQL Server 2000, (2) SQL Server 7↗2002-08-10

▶

💥Exploits & PoCs

Exploit-DB

Microsoft SQL Server - Payload Execution (via SQL Injection) (Metasploit)↗2011-02-08

▶

Exploit-DB

Microsoft SQL Server - Payload Execution (Metasploit)↗2010-12-21

▶

🔍Detection Rules

Suricata

GPL SQL sa brute force failed login unicode attempt↗2010-09-23

▶

Suricata

GPL SQL sa login failed↗2010-09-23

▶

Suricata

GPL SQL sa brute force failed login attempt↗2010-09-23

▶

Suricata

GPL SQL sa login failed↗2010-09-23

▶