VULHUB ™

Microsoft Security Bulletin MS02-039 - Buffer Overruns in SQL Server 2000 Resolution Service Could Enable Code Execution. Sending a carefully crafted packet to the Resolution Service, an attacker could cause portions of system memory (the heap in one case, the stack in the other) to be overwritten. Overwriting it with random data would likely result in the failure of the SQL Server service. Overwriting it with carefully selected data could allow the attacker to run code in the security context of the SQL Server service.

Microsoft Security Bulletin MS02-039 - Buffer Overruns in SQL Server 2000 Resolution Service Could Enable Code Execution. Sending a carefully crafted packet to the Resolution Service, an attacker could cause portions of system memory (the heap in one case, the stack in the other) to be overwritten. Overwriting it with random data would likely result in the failure of the SQL Server service. Overwriting it with carefully selected data could allow the attacker to run code in the security context of the SQL Server service.