Vulnerability Details : CVE-2002-0649
Public exploit exists!
Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 (MSDE) allow remote attackers to cause a denial of service or execute arbitrary code via UDP packets to port 1434 in which (1) a 0x04 byte causes the SQL Monitor thread to generate a long registry key name, or (2) a 0x08 byte with a long string causes heap corruption, as exploited by the Slammer/Sapphire worm.
Vulnerability category: Execute code, Denial of service
Products affected by CVE-2002-0649
- cpe:2.3:a:microsoft:sql_server:2000:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:sql_server:2000:sp1:*:*:*:*:*:*
- cpe:2.3:a:microsoft:sql_server:2000:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:data_engine:2000:*:*:*:*:*:*:*
Threat overview for CVE-2002-0649
Top open port discovered on systems with this issue: 1433
IPs affected by CVE-2002-0649: 337
Threat actors abusing this issue? Yes
Exploit prediction scoring system (EPSS) score for CVE-2002-0649
EPSS score: 87.37% (probability of exploitation activity in the next 30 days)
Percentile: ~99% (the proportion of vulnerabilities that are scored at or less)
Metasploit modules for CVE-2002-0649
- MS02-039 Microsoft SQL Server Resolution Overflow
  Disclosure Date: 2002-07-24
  First seen: 2020-04-26
  Module: exploit/windows/mssql/ms02_039_slammer
  This is an exploit for the SQL Server 2000 resolution service buffer overflow. This overflow is triggered by sending a UDP packet to port 1434 which starts with 0x04 and is followed by long string terminating with a colon and a number. This module should wo
CVSS scores for CVE-2002-0649
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P | 10.0 | 6.4 | NIST | |
CWE ids for CVE-2002-0649
- The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. Assigned by: nvd@nist.gov (Primary)
References for CVE-2002-0649
- http://www.securityfocus.com/archive/1/308388/30/26180/threaded
- http://www.securityfocus.com/archive/1/308760/30/26120/threaded
- http://marc.info/?l=ntbugtraq&m=102760479902411&w=2
- http://marc.info/?l=bugtraq&m=102760196931518&w=2
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-039
- http://www.kb.cert.org/vuls/id/484891 (US Government Resource)
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1077
- http://www.securityfocus.com/archive/1/309096/30/26120/threaded
- http://www.securityfocus.com/archive/1/308393/30/26180/threaded
- http://www.securityfocus.com/archive/1/308324/30/26180/threaded
- http://www.cert.org/advisories/CA-2002-22.html (US Government Resource)
- http://www.securityfocus.com/archive/1/308806/30/26120/threaded
- http://www.securityfocus.com/archive/1/308419/30/26150/threaded
- http://www.kb.cert.org/vuls/id/399260 (US Government Resource)
- http://www.securityfocus.com/archive/1/309776/30/26090/threaded
- http://www.securityfocus.com/archive/1/308321/30/26180/threaded
- http://www.securityfocus.com/archive/1/309324/30/26120/threaded
- http://www.securityfocus.com/archive/1/308396/30/26150/threaded
- http://www.securityfocus.com/archive/1/308306/30/26180/threaded
- http://www.cert.org/advisories/CA-2003-04.html (US Government Resource)
- http://secunia.com/advisories/7945 (Vendor Advisory)
- http://www.securityfocus.com/bid/5310 (Microsoft SQL Server 2000 Resolution Service Heap Overflow Vulnerability)
- http://www.securityfocus.com/archive/1/308418/30/26150/threaded