CVE-2002-1137

Buffer overflow in the Database Console Command (DBCC) that handles user inputs in Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine (MSDE) 1.0 and Microsoft Desktop Engine (MSDE) 2000, allows attackers to execute arbitrary code via a long SourceDB argument in a "non-SQL OLEDB data source" such as FoxPro, a variant of CAN-2002-0644.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.securityfocus.com/bid/5877	Exploit Patch Vendor Advisory
http://www.scan-associates.net/papers/foxpro.txt
http://www.cisco.com/warp/public/707/cisco-sa-20030126-ms02-061.shtml
http://www.ciac.org/ciac/bulletins/n-003.shtml
https://exchange.xforce.ibmcloud.com/vulnerabilities/10255
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-056

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:microsoft:data_engine:1.0:::::::*
	cpe:2.3:a:microsoft:data_engine:2000:::::::*
	cpe:2.3:a:microsoft:sql_server:7.0:sp3::::::
	cpe:2.3:a:microsoft:sql_server:7.0:sp4::::::
	cpe:2.3:a:microsoft:sql_server:2000:sp2::::::
	cpe:2.3:a:microsoft:sql_server:7.0:::::::*
	cpe:2.3:a:microsoft:sql_server:7.0:sp1::::::
	cpe:2.3:a:microsoft:sql_server:7.0:sp2::::::
	cpe:2.3:a:microsoft:sql_server:2000:::::::*
	cpe:2.3:a:microsoft:sql_server:2000:sp1::::::

Information

Published : 2002-10-10 21:00

Updated : 2018-10-12 14:31

NVD link : CVE-2002-1137

Mitre link : CVE-2002-1137

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

microsoft

sql_server
data_engine

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securityfocus.com/bid/5877", "name": "5877", "tags": ["Exploit", "Patch", "Vendor Advisory"], "refsource": "BID"}, {"url": "http://www.scan-associates.net/papers/foxpro.txt", "name": "http://www.scan-associates.net/papers/foxpro.txt", "tags": [], "refsource": "MISC"}, {"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030126-ms02-061.shtml", "name": "20030203 Microsoft SQL Server 2000 Vulnerabilities in Cisco Products - MS02-061", "tags": [], "refsource": "CISCO"}, {"url": "http://www.ciac.org/ciac/bulletins/n-003.shtml", "name": "N-003", "tags": [], "refsource": "CIAC"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10255", "name": "mssql-dbcc-bo-variant(10255)", "tags": [], "refsource": "XF"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-056", "name": "MS02-056", "tags": [], "refsource": "MS"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Buffer overflow in the Database Console Command (DBCC) that handles user inputs in Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine (MSDE) 1.0 and Microsoft Desktop Engine (MSDE) 2000, allows attackers to execute arbitrary code via a long SourceDB argument in a \"non-SQL OLEDB data source\" such as FoxPro, a variant of CAN-2002-0644."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2002-1137", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}}, "publishedDate": "2002-10-11T04:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:data_engine:1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:data_engine:2000:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:sql_server:7.0:sp3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:sql_server:7.0:sp4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:sql_server:2000:sp2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:sql_server:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:sql_server:7.0:sp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:sql_server:7.0:sp2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:sql_server:2000:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:sql_server:2000:sp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-12T21:31Z"}