Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2002-0649

Disclosure Date: August 12, 2002
CVE-2002-0649
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 (MSDE) allow remote attackers to cause a denial of service or execute arbitrary code via UDP packets to port 1434 in which (1) a 0x04 byte that causes the SQL Monitor thread to generate a long registry key name, or (2) a 0x08 byte with a long string causes heap corruption, as exploited by the Slammer/Sapphire worm.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
exploit/windows/mssql/ms02_039_slammer
Reporter
Unknown

Vendors

  • microsoft

Products

  • data engine 2000,
  • sql server 2000

References

Canonical
CVE-2002-0649 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0649)
BID-5310 (http://www.securityfocus.com/bid/5310)
Advisory
20030126 RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! (http://www.securityfocus.com/archive/1/308396/30/26150/threaded)
20030125 Sapphire SQL Worm Analysis Complete (http://www.securityfocus.com/archive/1/308418/30/26150/threaded)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1077
CA-2002-22 (http://www.cert.org/advisories/CA-2002-22.html)
VU#484891 (http://www.kb.cert.org/vuls/id/484891)
VU#399260 (http://www.kb.cert.org/vuls/id/399260)
SECUNIA-7945 (http://secunia.com/advisories/7945)
20030128 Re: MSDE contained in... (http://www.securityfocus.com/archive/1/308806/30/26120/threaded)
20030125 Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! (http://www.securityfocus.com/archive/1/308324/30/26180/threaded)
20030125 SQL Sapphire Worm Analysis (http://www.securityfocus.com/archive/1/308388/30/26180/threaded)
20030125 MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! (http://www.securityfocus.com/archive/1/308306/30/26180/threaded)
20030125 Fw: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! (http://www.securityfocus.com/archive/1/308321/30/26180/threaded)
20030128 RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! (http://www.securityfocus.com/archive/1/308760/30/26120/threaded)
20030129 Re: MSDE contained in... (http://www.securityfocus.com/archive/1/309096/30/26120/threaded)
MS02-039 (https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-039)
20030126 Tool: Sapphire SQL Worm Scanner (http://www.securityfocus.com/archive/1/308419/30/26150/threaded)
20020725 Microsoft SQL Server 2000 Unauthenticated System Compromise (#NISR25072002) (http://marc.info?l=bugtraq&m=102760196931518&w=2)
20030125 RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! (http://www.securityfocus.com/archive/1/308393/30/26180/threaded)
CA-2003-04 (http://www.cert.org/advisories/CA-2003-04.html)
20030130 RE: MSDE contained in... (http://www.securityfocus.com/archive/1/309324/30/26120/threaded)
20030201 The Spread of the Sapphire/Slammer SQL Worm (http://www.securityfocus.com/archive/1/309776/30/26090/threaded)
Miscellaneous
20020725 Microsoft SQL Server 2000 Unauthenticated System Compromise (#NISR25072002) (http://marc.info?l=ntbugtraq&m=102760479902411&w=2)

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis