Vulnerability-Lookup

CVE-2008-5416 (GCVE-0-2008-5416)

Vulnerability from cvelistv5 – Published: 2008-12-10 13:33 – Updated: 2024-08-07 10:56

Summary

Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server 2003 SP1 and SP2; and Windows Internal Database (WYukon) SP2 allows remote authenticated users to cause a denial of service (access violation exception) or execute arbitrary code by calling the sp_replwritetovarbin extended stored procedure with a set of invalid parameters that trigger memory overwrite, aka "SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability."

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.sec-consult.com/files/20081209_mssql-2…	x_refsource_MISC
	http://www.vupen.com/english/advisories/2008/3380	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/33034	third-party-advisoryx_refsource_SECUNIA
	http://osvdb.org/50917	vdb-entryx_refsource_OSVDB
	http://securitytracker.com/id?1021363	vdb-entryx_refsource_SECTRACK
	https://www.exploit-db.com/exploits/7501	exploitx_refsource_EXPLOIT-DB
	http://securitytracker.com/id?1021490	vdb-entryx_refsource_SECTRACK
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.kb.cert.org/vuls/id/696644	third-party-advisoryx_refsource_CERT-VN
	http://www.securityfocus.com/archive/1/499042/100…	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/archive/1/499085/100…	mailing-listx_refsource_BUGTRAQ
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	http://securityreason.com/securityalert/4706	third-party-advisoryx_refsource_SREASON
	http://www.vmware.com/support/vsphere4/doc/vsp_vc…	x_refsource_CONFIRM
	http://www.microsoft.com/technet/security/advisor…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/32710	vdb-entryx_refsource_BID
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.vmware.com/security/advisories/VMSA-20…	x_refsource_CONFIRM
	http://www.us-cert.gov/cas/techalerts/TA09-041A.html	third-party-advisoryx_refsource_CERT
	http://archives.neohapsis.com/archives/fulldisclo…	mailing-listx_refsource_FULLDISC
	http://www.securityfocus.com/archive/1/516397/100…	mailing-listx_refsource_BUGTRAQ
	http://support.avaya.com/elmodocs2/security/ASA-2…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T10:56:45.789Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.sec-consult.com/files/20081209_mssql-2000-sp_replwritetovarbin_memwrite.txt"
          },
          {
            "name": "ADV-2008-3380",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/3380"
          },
          {
            "name": "33034",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33034"
          },
          {
            "name": "50917",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/50917"
          },
          {
            "name": "1021363",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1021363"
          },
          {
            "name": "7501",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/7501"
          },
          {
            "name": "1021490",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1021490"
          },
          {
            "name": "mssql-spreplwritetovarbin-bo(47182)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47182"
          },
          {
            "name": "VU#696644",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/696644"
          },
          {
            "name": "20081209 SEC Consult SA-20081109-0 :: Microsoft SQL Server 2000 sp_replwritetovarbin limited memory overwrite vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/499042/100/0/threaded"
          },
          {
            "name": "20081210 Microsoft SQL Server 2005 sp_replwritetovarbin memory overwrite(update to SEC Consult SA-20081209)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/499085/100/0/threaded"
          },
          {
            "name": "MS09-004",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-004"
          },
          {
            "name": "4706",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/4706"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.microsoft.com/technet/security/advisory/961040.mspx"
          },
          {
            "name": "32710",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/32710"
          },
          {
            "name": "oval:org.mitre.oval:def:6217",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6217"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
          },
          {
            "name": "TA09-041A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-041A.html"
          },
          {
            "name": "20081210 Microsoft SQL Server 2005 sp_replwritetovarbin memory overwrite (update to SEC Consult SA-20081209)",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/fulldisclosure/2008-12/0304.html"
          },
          {
            "name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-055.htm"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-12-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server 2003 SP1 and SP2; and Windows Internal Database (WYukon) SP2 allows remote authenticated users to cause a denial of service (access violation exception) or execute arbitrary code by calling the sp_replwritetovarbin extended stored procedure with a set of invalid parameters that trigger memory overwrite, aka \"SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.sec-consult.com/files/20081209_mssql-2000-sp_replwritetovarbin_memwrite.txt"
        },
        {
          "name": "ADV-2008-3380",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/3380"
        },
        {
          "name": "33034",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33034"
        },
        {
          "name": "50917",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/50917"
        },
        {
          "name": "1021363",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1021363"
        },
        {
          "name": "7501",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/7501"
        },
        {
          "name": "1021490",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1021490"
        },
        {
          "name": "mssql-spreplwritetovarbin-bo(47182)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47182"
        },
        {
          "name": "VU#696644",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/696644"
        },
        {
          "name": "20081209 SEC Consult SA-20081109-0 :: Microsoft SQL Server 2000 sp_replwritetovarbin limited memory overwrite vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/499042/100/0/threaded"
        },
        {
          "name": "20081210 Microsoft SQL Server 2005 sp_replwritetovarbin memory overwrite(update to SEC Consult SA-20081209)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/499085/100/0/threaded"
        },
        {
          "name": "MS09-004",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-004"
        },
        {
          "name": "4706",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/4706"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.microsoft.com/technet/security/advisory/961040.mspx"
        },
        {
          "name": "32710",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/32710"
        },
        {
          "name": "oval:org.mitre.oval:def:6217",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6217"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
        },
        {
          "name": "TA09-041A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-041A.html"
        },
        {
          "name": "20081210 Microsoft SQL Server 2005 sp_replwritetovarbin memory overwrite (update to SEC Consult SA-20081209)",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://archives.neohapsis.com/archives/fulldisclosure/2008-12/0304.html"
        },
        {
          "name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-055.htm"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-5416",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server 2003 SP1 and SP2; and Windows Internal Database (WYukon) SP2 allows remote authenticated users to cause a denial of service (access violation exception) or execute arbitrary code by calling the sp_replwritetovarbin extended stored procedure with a set of invalid parameters that trigger memory overwrite, aka \"SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.sec-consult.com/files/20081209_mssql-2000-sp_replwritetovarbin_memwrite.txt",
              "refsource": "MISC",
              "url": "http://www.sec-consult.com/files/20081209_mssql-2000-sp_replwritetovarbin_memwrite.txt"
            },
            {
              "name": "ADV-2008-3380",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/3380"
            },
            {
              "name": "33034",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33034"
            },
            {
              "name": "50917",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/50917"
            },
            {
              "name": "1021363",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1021363"
            },
            {
              "name": "7501",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/7501"
            },
            {
              "name": "1021490",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1021490"
            },
            {
              "name": "mssql-spreplwritetovarbin-bo(47182)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47182"
            },
            {
              "name": "VU#696644",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/696644"
            },
            {
              "name": "20081209 SEC Consult SA-20081109-0 :: Microsoft SQL Server 2000 sp_replwritetovarbin limited memory overwrite vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/499042/100/0/threaded"
            },
            {
              "name": "20081210 Microsoft SQL Server 2005 sp_replwritetovarbin memory overwrite(update to SEC Consult SA-20081209)",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/499085/100/0/threaded"
            },
            {
              "name": "MS09-004",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-004"
            },
            {
              "name": "4706",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/4706"
            },
            {
              "name": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
            },
            {
              "name": "http://www.microsoft.com/technet/security/advisory/961040.mspx",
              "refsource": "CONFIRM",
              "url": "http://www.microsoft.com/technet/security/advisory/961040.mspx"
            },
            {
              "name": "32710",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/32710"
            },
            {
              "name": "oval:org.mitre.oval:def:6217",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6217"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
            },
            {
              "name": "TA09-041A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-041A.html"
            },
            {
              "name": "20081210 Microsoft SQL Server 2005 sp_replwritetovarbin memory overwrite (update to SEC Consult SA-20081209)",
              "refsource": "FULLDISC",
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2008-12/0304.html"
            },
            {
              "name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2009-055.htm",
              "refsource": "CONFIRM",
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-055.htm"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-5416",
    "datePublished": "2008-12-10T13:33:00.000Z",
    "dateReserved": "2008-12-10T00:00:00.000Z",
    "dateUpdated": "2024-08-07T10:56:45.789Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

FKIE_CVE-2008-5416

Vulnerability from fkie_nvd - Published: 2008-12-10 14:00 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://archives.neohapsis.com/archives/fulldisclosure/2008-12/0304.html
cve@mitre.org	http://osvdb.org/50917
cve@mitre.org	http://secunia.com/advisories/33034	Vendor Advisory
cve@mitre.org	http://securityreason.com/securityalert/4706
cve@mitre.org	http://securitytracker.com/id?1021363
cve@mitre.org	http://securitytracker.com/id?1021490
cve@mitre.org	http://support.avaya.com/elmodocs2/security/ASA-2009-055.htm
cve@mitre.org	http://www.kb.cert.org/vuls/id/696644	US Government Resource
cve@mitre.org	http://www.microsoft.com/technet/security/advisory/961040.mspx
cve@mitre.org	http://www.sec-consult.com/files/20081209_mssql-2000-sp_replwritetovarbin_memwrite.txt	Exploit
cve@mitre.org	http://www.securityfocus.com/archive/1/499042/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/499085/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/516397/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/32710	Exploit
cve@mitre.org	http://www.us-cert.gov/cas/techalerts/TA09-041A.html	US Government Resource
cve@mitre.org	http://www.vmware.com/security/advisories/VMSA-2011-0003.html
cve@mitre.org	http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
cve@mitre.org	http://www.vupen.com/english/advisories/2008/3380
cve@mitre.org	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-004
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/47182
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6217
cve@mitre.org	https://www.exploit-db.com/exploits/7501
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/fulldisclosure/2008-12/0304.html
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/50917
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/33034	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/4706
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1021363
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1021490
af854a3a-2127-422b-91ae-364da2661108	http://support.avaya.com/elmodocs2/security/ASA-2009-055.htm
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/696644	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.microsoft.com/technet/security/advisory/961040.mspx
af854a3a-2127-422b-91ae-364da2661108	http://www.sec-consult.com/files/20081209_mssql-2000-sp_replwritetovarbin_memwrite.txt	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/499042/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/499085/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/516397/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/32710	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA09-041A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vmware.com/security/advisories/VMSA-2011-0003.html
af854a3a-2127-422b-91ae-364da2661108	http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/3380
af854a3a-2127-422b-91ae-364da2661108	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-004
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/47182
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6217
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/7501

Impacted products

	Vendor	Product	Version
	microsoft	sql_server	2000
	microsoft	sql_server	2005

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2000:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5D559EE-727C-405C-987C-247973A84D32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:*:*:*:*:*:*:*",
              "matchCriteriaId": "36909BE0-9171-456B-9323-4DB04F921DE9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server 2003 SP1 and SP2; and Windows Internal Database (WYukon) SP2 allows remote authenticated users to cause a denial of service (access violation exception) or execute arbitrary code by calling the sp_replwritetovarbin extended stored procedure with a set of invalid parameters that trigger memory overwrite, aka \"SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability.\""
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en SQL Server 2000 SP4, versiones 8.00.2050, 8.00.2039 y anteriores; Motor SQL Server 2000 Desktop (MSDE 2000) SP4; SQL Server 2005 SP2 y versi\u00f3n 9.00.1399.06; Motor SQL Server 2000 Desktop (WMSDE) en Windows Server 2003 SP1 y SP2; y Windows Internal Database (WYukon) SP2, de Microsoft, permite a los usuarios autenticados remotos causar una denegaci\u00f3n de servicio (excepci\u00f3n de violaci\u00f3n de acceso) o ejecutar c\u00f3digo arbitrario mediante una llamada a un procedimiento almacenado extendido sp_replwritetovarbin con un conjunto de par\u00e1metros no v\u00e1lidos que desencadenan la sobrescritura de memoria, tambi\u00e9n se conoce como \"SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability\"."
    }
  ],
  "id": "CVE-2008-5416",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-12-10T14:00:01.207",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2008-12/0304.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/50917"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33034"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/4706"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1021363"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1021490"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-055.htm"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/696644"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.microsoft.com/technet/security/advisory/961040.mspx"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.sec-consult.com/files/20081209_mssql-2000-sp_replwritetovarbin_memwrite.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/499042/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/499085/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/32710"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-041A.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/3380"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-004"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47182"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6217"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.exploit-db.com/exploits/7501"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2008-12/0304.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/50917"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33034"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/4706"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1021363"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1021490"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-055.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/696644"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.microsoft.com/technet/security/advisory/961040.mspx"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.sec-consult.com/files/20081209_mssql-2000-sp_replwritetovarbin_memwrite.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/499042/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/499085/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/32710"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-041A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/3380"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-004"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47182"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6217"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.exploit-db.com/exploits/7501"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2008-5416

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2008-5416

Aliases

CVE-2008-5416

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-5416",
    "description": "Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server 2003 SP1 and SP2; and Windows Internal Database (WYukon) SP2 allows remote authenticated users to cause a denial of service (access violation exception) or execute arbitrary code by calling the sp_replwritetovarbin extended stored procedure with a set of invalid parameters that trigger memory overwrite, aka \"SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability.\"",
    "id": "GSD-2008-5416",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2008-5416"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-5416"
      ],
      "details": "Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server 2003 SP1 and SP2; and Windows Internal Database (WYukon) SP2 allows remote authenticated users to cause a denial of service (access violation exception) or execute arbitrary code by calling the sp_replwritetovarbin extended stored procedure with a set of invalid parameters that trigger memory overwrite, aka \"SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability.\"",
      "id": "GSD-2008-5416",
      "modified": "2023-12-13T01:23:04.351458Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2008-5416",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server 2003 SP1 and SP2; and Windows Internal Database (WYukon) SP2 allows remote authenticated users to cause a denial of service (access violation exception) or execute arbitrary code by calling the sp_replwritetovarbin extended stored procedure with a set of invalid parameters that trigger memory overwrite, aka \"SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability.\""
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.sec-consult.com/files/20081209_mssql-2000-sp_replwritetovarbin_memwrite.txt",
            "refsource": "MISC",
            "url": "http://www.sec-consult.com/files/20081209_mssql-2000-sp_replwritetovarbin_memwrite.txt"
          },
          {
            "name": "ADV-2008-3380",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/3380"
          },
          {
            "name": "33034",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/33034"
          },
          {
            "name": "50917",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/50917"
          },
          {
            "name": "1021363",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1021363"
          },
          {
            "name": "7501",
            "refsource": "EXPLOIT-DB",
            "url": "https://www.exploit-db.com/exploits/7501"
          },
          {
            "name": "1021490",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1021490"
          },
          {
            "name": "mssql-spreplwritetovarbin-bo(47182)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47182"
          },
          {
            "name": "VU#696644",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/696644"
          },
          {
            "name": "20081209 SEC Consult SA-20081109-0 :: Microsoft SQL Server 2000 sp_replwritetovarbin limited memory overwrite vulnerability",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/499042/100/0/threaded"
          },
          {
            "name": "20081210 Microsoft SQL Server 2005 sp_replwritetovarbin memory overwrite(update to SEC Consult SA-20081209)",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/499085/100/0/threaded"
          },
          {
            "name": "MS09-004",
            "refsource": "MS",
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-004"
          },
          {
            "name": "4706",
            "refsource": "SREASON",
            "url": "http://securityreason.com/securityalert/4706"
          },
          {
            "name": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html",
            "refsource": "CONFIRM",
            "url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
          },
          {
            "name": "http://www.microsoft.com/technet/security/advisory/961040.mspx",
            "refsource": "CONFIRM",
            "url": "http://www.microsoft.com/technet/security/advisory/961040.mspx"
          },
          {
            "name": "32710",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/32710"
          },
          {
            "name": "oval:org.mitre.oval:def:6217",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6217"
          },
          {
            "name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
            "refsource": "CONFIRM",
            "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
          },
          {
            "name": "TA09-041A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-041A.html"
          },
          {
            "name": "20081210 Microsoft SQL Server 2005 sp_replwritetovarbin memory overwrite (update to SEC Consult SA-20081209)",
            "refsource": "FULLDISC",
            "url": "http://archives.neohapsis.com/archives/fulldisclosure/2008-12/0304.html"
          },
          {
            "name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
          },
          {
            "name": "http://support.avaya.com/elmodocs2/security/ASA-2009-055.htm",
            "refsource": "CONFIRM",
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-055.htm"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:sql_server:2000:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:sql_server:2005:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-5416"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server 2003 SP1 and SP2; and Windows Internal Database (WYukon) SP2 allows remote authenticated users to cause a denial of service (access violation exception) or execute arbitrary code by calling the sp_replwritetovarbin extended stored procedure with a set of invalid parameters that trigger memory overwrite, aka \"SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.sec-consult.com/files/20081209_mssql-2000-sp_replwritetovarbin_memwrite.txt",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.sec-consult.com/files/20081209_mssql-2000-sp_replwritetovarbin_memwrite.txt"
            },
            {
              "name": "33034",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/33034"
            },
            {
              "name": "32710",
              "refsource": "BID",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.securityfocus.com/bid/32710"
            },
            {
              "name": "1021363",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1021363"
            },
            {
              "name": "1021490",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1021490"
            },
            {
              "name": "http://www.microsoft.com/technet/security/advisory/961040.mspx",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.microsoft.com/technet/security/advisory/961040.mspx"
            },
            {
              "name": "VU#696644",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/696644"
            },
            {
              "name": "4706",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/4706"
            },
            {
              "name": "TA09-041A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-041A.html"
            },
            {
              "name": "50917",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/50917"
            },
            {
              "name": "20081210 Microsoft SQL Server 2005 sp_replwritetovarbin memory overwrite (update to SEC Consult SA-20081209)",
              "refsource": "FULLDISC",
              "tags": [],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2008-12/0304.html"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2009-055.htm",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-055.htm"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
            },
            {
              "name": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
            },
            {
              "name": "ADV-2008-3380",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/3380"
            },
            {
              "name": "mssql-spreplwritetovarbin-bo(47182)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47182"
            },
            {
              "name": "7501",
              "refsource": "EXPLOIT-DB",
              "tags": [],
              "url": "https://www.exploit-db.com/exploits/7501"
            },
            {
              "name": "oval:org.mitre.oval:def:6217",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6217"
            },
            {
              "name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
            },
            {
              "name": "20081210 Microsoft SQL Server 2005 sp_replwritetovarbin memory overwrite(update to SEC Consult SA-20081209)",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/499085/100/0/threaded"
            },
            {
              "name": "20081209 SEC Consult SA-20081109-0 :: Microsoft SQL Server 2000 sp_replwritetovarbin limited memory overwrite vulnerability",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/499042/100/0/threaded"
            },
            {
              "name": "MS09-004",
              "refsource": "MS",
              "tags": [],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-004"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-12T21:49Z",
      "publishedDate": "2008-12-10T14:00Z"
    }
  }
}

CERTA-2009-AVI-061

Vulnerability from certfr_avis - Published: 2009-02-11 - Updated: 2009-02-11

Une vulnérabilité affectant Microsoft SQL Server permettant l'exécution de code arbitraire à distance a été corrigée.

Description

Une vulnérabilité concernant une erreur de vérification des paramètres dans la procédure stockée sp_replwritetovarbin a été corrigée. Elle permet l'exécution de code arbitraire à distance par une personne malveillante, connectée au serveur ou utilisant une injection de code SQL.

Solution

Se référer au bulletin de sécurité Microsoft MS09-004 pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	N/A	Microsoft SQL Server 2000 SP4 ;
Microsoft	N/A	Microsoft SQL Server 2005 SP2 ;
Microsoft	Windows	Microsoft Windows Internal Database SP2.
Microsoft	N/A	Microsoft SQL Server 2000 Desktop Engine ;

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS09-004 du 10 février 2009

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft SQL Server 2000 SP4 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SQL Server 2005 SP2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Internal Database SP2.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SQL Server 2000 Desktop Engine ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 concernant une erreur de v\u00e9rification des param\u00e8tres\ndans la proc\u00e9dure stock\u00e9e sp_replwritetovarbin a \u00e9t\u00e9 corrig\u00e9e. Elle\npermet l\u0027ex\u00e9cution de code arbitraire \u00e0 distance par une personne\nmalveillante, connect\u00e9e au serveur ou utilisant une injection de code\nSQL.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 Microsoft MS09-004 pour l\u0027obtention\ndes correctifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-5416",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5416"
    }
  ],
  "initial_release_date": "2009-02-11T00:00:00",
  "last_revision_date": "2009-02-11T00:00:00",
  "links": [],
  "reference": "CERTA-2009-AVI-061",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-02-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 affectant \u003cspan class=\"textit\"\u003eMicrosoft SQL\nServer\u003c/span\u003e permettant l\u0027ex\u00e9cution de code arbitraire \u00e0 distance a \u00e9t\u00e9\ncorrig\u00e9e.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Microsoft SQL",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-004 du 10 f\u00e9vrier 2009",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS09-004.mspx"
    }
  ]
}

GHSA-QHRX-Q7MR-Q5X7

Vulnerability from github – Published: 2022-05-14 02:36 – Updated: 2022-05-14 02:36

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-5416"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-12-10T14:00:00Z",
    "severity": "HIGH"
  },
  "details": "Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server 2003 SP1 and SP2; and Windows Internal Database (WYukon) SP2 allows remote authenticated users to cause a denial of service (access violation exception) or execute arbitrary code by calling the sp_replwritetovarbin extended stored procedure with a set of invalid parameters that trigger memory overwrite, aka \"SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability.\"",
  "id": "GHSA-qhrx-q7mr-q5x7",
  "modified": "2022-05-14T02:36:48Z",
  "published": "2022-05-14T02:36:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5416"
    },
    {
      "type": "WEB",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-004"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47182"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6217"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/7501"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2008-12/0304.html"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/50917"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/33034"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/4706"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1021363"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1021490"
    },
    {
      "type": "WEB",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-055.htm"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/696644"
    },
    {
      "type": "WEB",
      "url": "http://www.microsoft.com/technet/security/advisory/961040.mspx"
    },
    {
      "type": "WEB",
      "url": "http://www.sec-consult.com/files/20081209_mssql-2000-sp_replwritetovarbin_memwrite.txt"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/499042/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/499085/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/32710"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-041A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/3380"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTA-2008-ALE-017

Vulnerability from certfr_alerte - Published: 2008-12-12 - Updated: 2009-02-11

Une vulnérabilité dans Microsoft SQL Server permet à une personne malintentionnée d'exécuter du code arbitraire.

Description

Une vulnérabilité de type débordement de mémoire dans la procédure stockée étendue sp_replwritetovarbin() de Microsoft SQL Server permet à une personne malintentionnée d'exécuter du code arbitraire.

Associée à une vulnérabilité de type injection de code SQL, cette vulnérabilité permet une exécution de code à distance.

Contournement provisoire

Il est recommandé de supprimer la procédure stockée étendue vulnérable ou d'en changer les droits d'exécution (cf. section Documentation).

Ceci peut entrainer des dysfonctionnements dans d'autres applications.

Les bonnes pratiques en matière de développement Web, notamment pour se protéger des injections SQL peuvent limiter les possibilités d'exploitation de cette vulnérabilité.

Solution

Se référer au bulletin de sécurité Microsoft MS09-004 pour l'obtention des correctifs (cf. section Documentation).

Microsoft SQL Server 2000 ;
Microsoft SQL Server 2005 ;
Microsoft SQL Server 2005 Express Edition ;
Microsoft SQL Server 2000 Desktop Engine (MSDE 2000 et WMSDE) ;
Windows Internal Database (WYukon).

Les systèmes Microsoft SQL Server 7.0 SP 4, Microsoft SQL Server 2005 SP3 et Microsoft SQL Server 2008 ne seraient pas affectés.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Avis de sécurité Microsoft 961040 du 22 décembre 2008 :	-	other
Bulletin de sécurité Microsoft MS09-004 du 10 février 2009 :	-	other
Bulletin de sécurité Microsoft MS09-004 du 10 février 2009 :	-	other
Avis CERTA-2009-AVI-061 :	-	other
Désactivation de procédures stockées étendues :	-	other
Bloc-notes SVRD, "More information about the SQL stored procedure vulnerability", 22 décembre 2008 :	-	other
Référence CVE CVE-5416:	-	other
Bloc-notes MSRC, "Microsoft Security Advisory 961040" du 22 décembre 2008 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cUL\u003e    \u003cLI\u003eMicrosoft SQL Server 2000 ;\u003c/LI\u003e    \u003cLI\u003eMicrosoft SQL Server 2005 ;\u003c/LI\u003e    \u003cLI\u003eMicrosoft SQL Server 2005 Express Edition ;\u003c/LI\u003e    \u003cLI\u003eMicrosoft SQL Server 2000 Desktop Engine (MSDE 2000 et    WMSDE) ;\u003c/LI\u003e    \u003cLI\u003eWindows Internal Database (WYukon).\u003c/LI\u003e  \u003c/UL\u003e  \u003cP\u003eLes syst\u00e8mes Microsoft SQL Server 7.0 SP 4, Microsoft SQL  Server 2005 SP3 et Microsoft SQL Server 2008 ne seraient pas  affect\u00e9s.\u003c/P\u003e",
  "closed_at": "2009-02-11",
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 de type d\u00e9bordement de m\u00e9moire dans la proc\u00e9dure\nstock\u00e9e \u00e9tendue sp_replwritetovarbin() de Microsoft SQL Server permet \u00e0\nune personne malintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire.\n\nAssoci\u00e9e \u00e0 une vuln\u00e9rabilit\u00e9 de type injection de code SQL, cette\nvuln\u00e9rabilit\u00e9 permet une ex\u00e9cution de code \u00e0 distance.\n\n## Contournement provisoire\n\nIl est recommand\u00e9 de supprimer la proc\u00e9dure stock\u00e9e \u00e9tendue vuln\u00e9rable\nou d\u0027en changer les droits d\u0027ex\u00e9cution (cf. section Documentation).\n\nCeci peut entrainer des dysfonctionnements dans d\u0027autres applications.\n\nLes bonnes pratiques en mati\u00e8re de d\u00e9veloppement Web, notamment pour se\nprot\u00e9ger des injections SQL peuvent limiter les possibilit\u00e9s\nd\u0027exploitation de cette vuln\u00e9rabilit\u00e9.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 Microsoft MS09-004 pour l\u0027obtention\ndes correctifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-5416",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5416"
    }
  ],
  "initial_release_date": "2008-12-12T00:00:00",
  "last_revision_date": "2009-02-11T00:00:00",
  "links": [
    {
      "title": "Avis de s\u00e9curit\u00e9 Microsoft 961040 du 22 d\u00e9cembre    2008\u00a0:",
      "url": "http://www.microsoft.com/technet/security/advisory/961040.mspx"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-004 du 10 f\u00e9vrier 2009    :",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS09-004.mspx"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-004 du 10 f\u00e9vrier 2009    :",
      "url": "http://www.microsoft.com/france/technet/security/Bulletin/MS09-004.mspx"
    },
    {
      "title": "Avis CERTA-2009-AVI-061 :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2009-AVI-061/index.html"
    },
    {
      "title": "D\u00e9sactivation de proc\u00e9dures stock\u00e9es \u00e9tendues :",
      "url": "http://msdn.microsoft.com/fr-fr/library/ms189506.aspx"
    },
    {
      "title": "Bloc-notes SVRD, \"More information about the SQL stored    procedure vulnerability\", 22 d\u00e9cembre 2008\u00a0:",
      "url": "http://blogs.technet.com/swi/archive/2008/12/22/more-information-about-the-sql-stored-procedure-vulnerability.aspx"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-5416:",
      "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5416"
    },
    {
      "title": "Bloc-notes MSRC, \"Microsoft Security Advisory 961040\" du 22    d\u00e9cembre 2008\u00a0:",
      "url": "http://blogs.technet.com/msrc/archive/2008/12/22/microsoft-security-advisory-961040.aspx"
    }
  ],
  "reference": "CERTA-2008-ALE-017",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-12-12T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence CVE, des liens Microsoft et mise \u00e0 jour des versions vuln\u00e9rables.",
      "revision_date": "2008-12-23T00:00:00.000000"
    },
    {
      "description": "ajout de la section solution et modification du CVE",
      "revision_date": "2009-02-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans \u003cspan class=\"textit\"\u003eMicrosoft SQL Server\u003c/span\u003e\npermet \u00e0 une personne malintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Microsoft SQL Server",
  "vendor_advisories": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2008-5416 (GCVE-0-2008-5416)

FKIE_CVE-2008-5416

GSD-2008-5416

CERTA-2009-AVI-061

Description

Solution

GHSA-QHRX-Q7MR-Q5X7

CERTA-2008-ALE-017

Description

Contournement provisoire

Solution

Tags

Sightings

Nomenclature