Reported December 20, 2001, by @Stake.
Microsoft SQL Server 2000
Microsoft SQL Server 7.0
Multiple vulnerabilities exist in Microsoft SQL Server 2000 and 7.0. The first vulnerability is a result of several functions that let the SQL database generate text messages. By not adequately verifying that the text fits into the allocated buffer space, a buffer overrun can result using the service's security context.
The second vulnerability results because of a format string error in the C runtime functions that SQL Server calls when you install the software on Windows XP, Windows 2000, and Windows NT 4.0 systems. An attacker can use this vulnerability to cause a Denial of Service (DoS) condition. Users can learn specific details about these vulnerabilities on the discoverer’s Web site.
The vendor, Microsoft, has released Security Bulletin MS01-060 to address these vulnerabilities and recommends that affected users immediately apply the patches provided with the bulletin. Microsoft cautions users about the risk of applying the C runtime patch—if a regression error were to result from applying the patch, the results might be widespread and damaging.