Description
This indicates an attempt to exploit a stack overflow vulnerability in Microsoft SQL Server Resolution Service.
There is a flaw in some versions of Microsoft SQL Server that may allow a remote attacker to cause a Denial-of-Service or even execute arbitrary code on a target machine by passing it a specially-crafted packet. The SQL Slammer worm takes advantage of this vulnerability to attack Microsoft SQL servers.

Impact
Attackers can execute arbitrary code or cause a denial of service on the victim system.

Affected Products
Any unprotected MS SQL 2000 server is vulnerable to the attack.

Aliases
MSSQL.ResolutionService.Stack.Overflow
MSSQL.ResolutionService.Stack.Overflow.B

References
http://www.microsoft.com/technet/security/Bulletin/MS02-039.mspx
http://www.securityfocus.com/bid/5310
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2002-0649
http://www.cert.org/advisories/CA-2003-04.html

Recommended Actions
Apply the patch from Microsoft at http://www.microsoft.com/technet/security/bulletin/ms02-039.mspx.
Block external access to the MS SQL service on ports 1433 and 1434.