|
Microsoft SQL Server "sp_replwritetovarbin()" Buffer Overflow
|
|
Secunia Advisory:
|
SA33034
|
|
|
Release Date:
|
2008-12-09
|
|
Last Update:
|
2009-02-10
|
|
Popularity:
|
11,404 views
|
|
|
Critical:
|
Less critical
|
|
Impact:
|
Privilege escalation
|
|
Where:
|
From local network
|
|
Solution Status:
|
Vendor Patch
|
|
| OS: | Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2008
Microsoft Windows Storage Server 2003
|
|
| Software: | Microsoft SQL Server 2000
Microsoft SQL Server 2000 Desktop Engine (MSDE 2000)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition
|
|
|
Binary Analysis:
|
BA674 :: Available for 1 Credit 
|
|
|
Secunia CVSS-2 Score:
|
Available in Secunia business solutions
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
| Advisory Content (Page 2 of 3) | [ 1 ] [ 2 ] [ 3 ] | |
|
Solution:
Apply patches.
-- GDR Software Updates ---
SQL Server 2000 SP4:
http://www.microsoft.com/downloads/de...=d5bb816a-6e1a-47cb-92be-51c565ee184c
SQL Server 2000 Itanium-based Edition SP4:
http://www.microsoft.com/downloads/de...=d5bb816a-6e1a-47cb-92be-51c565ee184c
SQL Server 2005 SP2:
http://www.microsoft.com/downloads/de...=5dfb7998-0316-40e5-9fc5-7a1afc18e15e
SQL Server 2005 x64 Edition SP2:
http://www.microsoft.com/downloads/de...=5dfb7998-0316-40e5-9fc5-7a1afc18e15e
SQL Server 2005 with SP2 for Itanium-based Systems:
http://www.microsoft.com/downloads/de...=5dfb7998-0316-40e5-9fc5-7a1afc18e15e
Microsoft SQL Server 2000 Desktop Engine (MSDE 2000) SP4:
http://www.microsoft.com/downloads/de...=d5bb816a-6e1a-47cb-92be-51c565ee184c
SQL Server 2005 Express Edition SP2:
http://www.microsoft.com/downloads/de...=5dfb7998-0316-40e5-9fc5-7a1afc18e15e
SQL Server 2005 Express Edition with Advanced Services SP2:
http://www.microsoft.com/downloads/de...=5dfb7998-0316-40e5-9fc5-7a1afc18e15e
-- QFE Software Updates --
SQL Server 2000 SP4:
http://www.microsoft.com/downloads/de...=a93f3cfe-18c9-4218-a551-13bf415e418a
SQL Server 2000 Itanium-based Edition SP4:
http://www.microsoft.com/downloads/de...=a93f3cfe-18c9-4218-a551-13bf415e418a
SQL Server 2005 SP2:
http://www.microsoft.com/downloads/de...=aa2b82ca-e94e-4491-8639-f0749b1a0f3a
SQL Server 2005 x64 Edition SP2:
http://www.microsoft.com/downloads/de...=aa2b82ca-e94e-4491-8639-f0749b1a0f3a
SQL Server 2005 with SP2 for Itanium-based Systems:
http://www.microsoft.com/downloads/de...=aa2b82ca-e94e-4491-8639-f0749b1a0f3a
Microsoft SQL Server 2000 Desktop Engine (MSDE 2000) SP4:
http://www.microsoft.com/downloads/de...=a93f3cfe-18c9-4218-a551-13bf415e418a
SQL Server 2005 Express Edition SP2:
http://www.microsoft.com/downloads/de...=aa2b82ca-e94e-4491-8639-f0749b1a0f3a
SQL Server 2005 Express Edition with Advanced Services SP2:
http://www.microsoft.com/downloads/de...=aa2b82ca-e94e-4491-8639-f0749b1a0f3a
-- Windows Components --
Windows Server 2003 SP1/SP2 and Microsoft SQL Server 2000 Desktop Engine (WMSDE):
http://www.microsoft.com/downloads/de...=218809d6-a9fb-408b-a34d-ab2ac786994c
Windows Server 2003 SP1/SP2 and Windows Internal Database (WYukon) SP2:
http://www.microsoft.com/downloads/de...=16925be5-98d0-446b-9bbc-d9a2d335c69e
Windows Server 2003 x64 Edition (optionally with SP2) and SQL Server 2000 Desktop Engine (WMSDE):
http://www.microsoft.com/downloads/de...=87183155-6770-4ea2-acca-191de4d40d27
Windows Server 2003 x64 Edition (optionally with SP2) and Windows Internal Database (WYukon) x64 Edition SP2:
http://www.microsoft.com/downloads/de...=05c5c265-cfd7-4364-b323-77650b7f1e67
Windows Server 2008 for 32-bit Systems and Windows Internal Database (WYukon) SP2:
http://www.microsoft.com/downloads/de...=16925be5-98d0-446b-9bbc-d9a2d335c69e
Windows Server 2008 for x64-based Systems and Windows Internal Database (WYukon) x64 Edition SP2:
http://www.microsoft.com/downloads/de...=05c5c265-cfd7-4364-b323-77650b7f1e67
Provided and/or discovered by:
Bernhard Mueller, SEC Consult.
Changelog:
2008-12-12: Added "Microsoft SQL Server 2005" and "Microsoft SQL Server 2005 Express Edition" to the list of affected products.
2008-12-12: Added CVE reference.
2008-12-23: Added "Microsoft Windows Server 2003", "Microsoft Windows Server 2008", and "Microsoft SQL Server 2000 Desktop Engine (MSDE 2000)" to the list of affected products. Updated "Original Advisory" section and added CVE reference. Updated "Solution" section.
2008-12-26: Added link to US-CERT.
2009-02-10: Added additional information from Microsoft. Updated "Solution" section.
Original Advisory:
MS09-004 (KB959420, KB960082, KB960083, KB960089, KB960090):
http://www.microsoft.com/technet/security/Bulletin/MS09-004.mspx
Microsoft (KB961040):
http://www.microsoft.com/technet/security/advisory/961040.mspx
SEC Consult:
http://www.sec-consult.com/files/2008...000-sp_replwritetovarbin_memwrite.txt
Other References:
US-CERT VU#696644:
http://www.kb.cert.org/vuls/id/696644
Extended Solution:
The "Extended Solution" section is available for Secunia customers only. Request a trial and get access to the Secunia Customer Area and Extended Secunia advisories.
Change Page:
[ 1 ] [ 2 ] [ 3 ]
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
