Date: 14 Jun 2002 13:24:11 -0000
From: martin rakhmanoff <[email protected]>
To: [email protected]
Subject: Microsoft SQL Server 2000 pwdencrypt() buffer overflow

Microsoft SQL Server 2000 (up to SP2) suffers from a buffer/heap overflow in
the built-in hashing function pwdencrypt(). The sample code shown below crashes
the SQL Server service and may lead to arbitrary code execution:
SELECT pwdencrypt(REPLICATE('A',353))
On some systems it may require a larger number of characters to cause an
overflow (1000 is enough in any case).
This was confirmed by Microsoft, but it is not known when the patch will be
released.
Cheers
Martin Rakhmanoff (jimmers)
[email protected]
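
Added example (not part of the original post, and not Microsoft's or the author's code): a small Python check that reviews captured SQL statements for pwdencrypt() calls whose argument is long or of unknown length, which is what a defender would look for in a query trace until a patch is installed. The function names, the sample statements and the 128-character threshold are assumptions made for this example.

```python
import re

THRESHOLD = 128  # assumption: alert well below the 353 characters reported above
CALL = re.compile(r"pwdencrypt\s*\(", re.IGNORECASE)
LITERAL = re.compile(r"N?'((?:[^']|'')*)'", re.IGNORECASE)
REPL = re.compile(r"REPLICATE\s*\(\s*N?'((?:[^']|'')*)'\s*,\s*(\d+)\s*\)", re.IGNORECASE)
# Constructed sample statements, as they might appear in a SQL trace.
SAMPLE = [
    "SELECT pwdencrypt('s3cret')",
    "SELECT pwdencrypt(REPLICATE('A',353))",
    "select PWDENCRYPT(@p)",
    "SELECT name FROM sysobjects",
]

def call_arguments(sql):
    """Yield the raw argument text of each pwdencrypt(...) call in a statement."""
    for m in CALL.finditer(sql):
        depth, in_str, i = 1, False, m.end()
        while i < len(sql) and depth:
            c = sql[i]
            if c == "'":
                in_str = not in_str      # '' inside a literal toggles twice
            elif not in_str:
                depth += (c == "(") - (c == ")")
            i += 1
        yield sql[m.end():i - 1] if depth == 0 else sql[m.end():]

def estimated_length(arg):
    """Static length of literals and REPLICATE() terms joined by +; None if unknown."""
    total = 0
    for m in REPL.finditer(arg):
        total += len(m.group(1).replace("''", "'")) * int(m.group(2))
    rest = REPL.sub("", arg)
    for m in LITERAL.finditer(rest):
        total += len(m.group(1).replace("''", "'"))
    rest = LITERAL.sub("", rest)
    return total if not rest.replace("+", "").strip() else None

def review(statements, threshold=THRESHOLD):
    """Return (statement, verdict) for every pwdencrypt() call worth a look."""
    findings = []
    for sql in statements:
        for arg in call_arguments(sql):
            n = estimated_length(arg)
            if n is None:
                findings.append((sql, "length not statically known"))
            elif n >= threshold:
                findings.append((sql, "argument of %d characters" % n))
    return findings
```

Calling review(SAMPLE) returns the REPLICATE statement and the parameterised call; the short literal and the unrelated query are not reported.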