Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.11217
Kategorie:Windows
Titel:Microsoft's SQL Version Query
Zusammenfassung:The plugin attempts a smb connection to read version from; the registry key; SOFTWARE\Microsoft\MSSQLServer\MSSQLServer\CurrentVersion; to determine the Version of SQL and Service Pack the host; is running.
Beschreibung:Summary:
The plugin attempts a smb connection to read version from
the registry key
SOFTWARE\Microsoft\MSSQLServer\MSSQLServer\CurrentVersion
to determine the Version of SQL and Service Pack the host
is running.

Vulnerability Impact:
Some versions may allow remote access, denial of service
attacks, and the ability of a hacker to run code of their choice.

Solution:
Apply current service packs and hotfixes

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Querverweis: BugTraq ID: 1292
BugTraq ID: 2030
BugTraq ID: 2042
BugTraq ID: 2043
BugTraq ID: 2863
BugTraq ID: 3733
BugTraq ID: 4135
BugTraq ID: 4847
BugTraq ID: 5014
BugTraq ID: 5205
Common Vulnerability Exposure (CVE) ID: CVE-2000-1081
@stake Security Advisory: 20001201 Microsoft SQL Server extended stored procedure vulnerability
http://marc.info/?l=bugtraq&m=97570878710037&w=2
http://www.securityfocus.com/bid/2030
Microsoft Security Bulletin: MS00-092
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-092
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A231
Common Vulnerability Exposure (CVE) ID: CVE-2000-0202
BugTraq ID: 1041
http://www.securityfocus.com/bid/1041
Microsoft Security Bulletin: MS00-014
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-014
Common Vulnerability Exposure (CVE) ID: CVE-2000-0485
http://www.securityfocus.com/bid/1292
Bugtraq: 20000530 Fw: Steal Passwords Using SQL Server EM (Google Search)
http://www.securityfocus.com/archive/1/62771
Microsoft Security Bulletin: MS00-041
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-041
XForce ISS Database: mssql-dts-reveal-passwords(4582)
https://exchange.xforce.ibmcloud.com/vulnerabilities/4582
Common Vulnerability Exposure (CVE) ID: CVE-2000-1087
@stake Security Advisory: 20001201 SQL Server 2000 Extended Stored Procedure Vulnerability
http://marc.info/?l=bugtraq&m=97570884410184&w=2
http://www.securityfocus.com/bid/2042
Common Vulnerability Exposure (CVE) ID: CVE-2000-1088
http://www.securityfocus.com/bid/2043
Common Vulnerability Exposure (CVE) ID: CVE-2002-0982
Bugtraq: 20020822 Arbitrary Command Execution on Distributor SQL Server 2000 machines (#NISR22002002A) (Google Search)
http://marc.info/?l=bugtraq&m=103004505027360&w=2
Common Vulnerability Exposure (CVE) ID: CVE-2001-0542
@stake Security Advisory: A122001-1
http://www.atstake.com/research/advisories/2001/a122001-1.txt
http://www.securityfocus.com/bid/3733
Bugtraq: 20011221 @stake advisory: Multiple overflow and format string vulnerabilities in in Microsoft SQL Server (Google Search)
http://marc.info/?l=bugtraq&m=100891252317406&w=2
CERT/CC vulnerability note: VU#700575
http://www.kb.cert.org/vuls/id/700575
Microsoft Security Bulletin: MS01-060
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-060
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A83
XForce ISS Database: mssql-text-message-bo(7724)
https://exchange.xforce.ibmcloud.com/vulnerabilities/7724
Common Vulnerability Exposure (CVE) ID: CVE-2001-0344
Computer Incident Advisory Center Bulletin: L-095
http://www.ciac.org/ciac/bulletins/l-095.shtml
Microsoft Security Bulletin: MS01-032
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-032
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A71
XForce ISS Database: mssql-cached-connection-access(6684)
https://exchange.xforce.ibmcloud.com/vulnerabilities/6684
CopyrightThis script is Copyright (C) 2003 John Lampe

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.