Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-1560Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft SQL Server

4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
14.1%
top 5.62%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft SQL Server
Timeline
PublishedDec 31
Latest updateApr 29

Description

Microsoft SQL Server 7.0 allows remote attackers to cause a denial of service (mssqlserver service halt) via a long request to TCP port 1433, possibly triggering a buffer overflow.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-vh3m-wq9r-2jrp: Microsoft SQL Server 72022-04-29
CVEList
CVE-2004-1560: Microsoft SQL Server 72005-02-20

💥Exploits & PoCs

1
Exploit-DB
MSSQL 7.0 - Remote Denial of Service2004-09-29
CVE-2004-1560 — Microsoft SQL Server vulnerability | cvebase