{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2002-07-24T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 (MSDE) allow remote attackers to cause a denial of service or execute arbitrary code via UDP packets to port 1434 in which (1) a 0x04 byte that causes the SQL Monitor thread to generate a long registry key name, or (2) a 0x08 byte with a long string causes heap corruption, as exploited by the Slammer/Sapphire worm."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-19T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20030126 RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/308396/30/26150/threaded"}, {"name": "20030125 Sapphire SQL Worm Analysis Complete", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/308418/30/26150/threaded"}, {"name": "oval:org.mitre.oval:def:1077", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1077"}, {"name": "CA-2002-22", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.cert.org/advisories/CA-2002-22.html"}, {"name": "VU#484891", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/484891"}, {"name": "VU#399260", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/399260"}, {"name": "20020725 Microsoft SQL Server 2000 Unauthenticated System Compromise (#NISR25072002)", "tags": ["mailing-list", "x_refsource_NTBUGTRAQ"], "url": "http://marc.info/?l=ntbugtraq&m=102760479902411&w=2"}, {"name": "7945", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/7945"}, {"name": "20030128 Re: MSDE contained in...", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/308806/30/26120/threaded"}, {"name": "20030125 Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/308324/30/26180/threaded"}, {"name": "20030125 SQL Sapphire Worm Analysis", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/308388/30/26180/threaded"}, {"name": "20030125 MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/308306/30/26180/threaded"}, {"name": "20030125 Fw: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/308321/30/26180/threaded"}, {"name": "20030128 RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/308760/30/26120/threaded"}, {"name": "20030129 Re: MSDE contained in...", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/309096/30/26120/threaded"}, {"name": "MS02-039", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-039"}, {"name": "20030126 Tool: Sapphire SQL Worm Scanner", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/308419/30/26150/threaded"}, {"name": "20020725 Microsoft SQL Server 2000 Unauthenticated System Compromise (#NISR25072002)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=102760196931518&w=2"}, {"name": "20030125 RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/308393/30/26180/threaded"}, {"name": "CA-2003-04", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.cert.org/advisories/CA-2003-04.html"}, {"name": "5310", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/5310"}, {"name": "20030130 RE: MSDE contained in...", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/309324/30/26120/threaded"}, {"name": "20030201 The Spread of the Sapphire/Slammer SQL Worm", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/309776/30/26090/threaded"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0649", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 (MSDE) allow remote attackers to cause a denial of service or execute arbitrary code via UDP packets to port 1434 in which (1) a 0x04 byte that causes the SQL Monitor thread to generate a long registry key name, or (2) a 0x08 byte with a long string causes heap corruption, as exploited by the Slammer/Sapphire worm."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20030126 RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/308396/30/26150/threaded"}, {"name": "20030125 Sapphire SQL Worm Analysis Complete", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/308418/30/26150/threaded"}, {"name": "oval:org.mitre.oval:def:1077", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1077"}, {"name": "CA-2002-22", "refsource": "CERT", "url": "http://www.cert.org/advisories/CA-2002-22.html"}, {"name": "VU#484891", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/484891"}, {"name": "VU#399260", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/399260"}, {"name": "20020725 Microsoft SQL Server 2000 Unauthenticated System Compromise (#NISR25072002)", "refsource": "NTBUGTRAQ", "url": "http://marc.info/?l=ntbugtraq&m=102760479902411&w=2"}, {"name": "7945", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/7945"}, {"name": "20030128 Re: MSDE contained in...", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/308806/30/26120/threaded"}, {"name": "20030125 Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/308324/30/26180/threaded"}, {"name": "20030125 SQL Sapphire Worm Analysis", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/308388/30/26180/threaded"}, {"name": "20030125 MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/308306/30/26180/threaded"}, {"name": "20030125 Fw: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/308321/30/26180/threaded"}, {"name": "20030128 RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/308760/30/26120/threaded"}, {"name": "20030129 Re: MSDE contained in...", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/309096/30/26120/threaded"}, {"name": "MS02-039", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-039"}, {"name": "20030126 Tool: Sapphire SQL Worm Scanner", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/308419/30/26150/threaded"}, {"name": "20020725 Microsoft SQL Server 2000 Unauthenticated System Compromise (#NISR25072002)", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=102760196931518&w=2"}, {"name": "20030125 RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/308393/30/26180/threaded"}, {"name": "CA-2003-04", "refsource": "CERT", "url": "http://www.cert.org/advisories/CA-2003-04.html"}, {"name": "5310", "refsource": "BID", "url": "http://www.securityfocus.com/bid/5310"}, {"name": "20030130 RE: MSDE contained in...", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/309324/30/26120/threaded"}, {"name": "20030201 The Spread of the Sapphire/Slammer SQL Worm", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/309776/30/26090/threaded"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T02:56:38.432Z"}, "title": "CVE Program Container", "references": [{"name": "20030126 RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/308396/30/26150/threaded"}, {"name": "20030125 Sapphire SQL Worm Analysis Complete", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/308418/30/26150/threaded"}, {"name": "oval:org.mitre.oval:def:1077", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1077"}, {"name": "CA-2002-22", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.cert.org/advisories/CA-2002-22.html"}, {"name": "VU#484891", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/484891"}, {"name": "VU#399260", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/399260"}, {"name": "20020725 Microsoft SQL Server 2000 Unauthenticated System Compromise (#NISR25072002)", "tags": ["mailing-list", "x_refsource_NTBUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=ntbugtraq&m=102760479902411&w=2"}, {"name": "7945", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/7945"}, {"name": "20030128 Re: MSDE contained in...", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/308806/30/26120/threaded"}, {"name": "20030125 Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/308324/30/26180/threaded"}, {"name": "20030125 SQL Sapphire Worm Analysis", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/308388/30/26180/threaded"}, {"name": "20030125 MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/308306/30/26180/threaded"}, {"name": "20030125 Fw: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/308321/30/26180/threaded"}, {"name": "20030128 RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/308760/30/26120/threaded"}, {"name": "20030129 Re: MSDE contained in...", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/309096/30/26120/threaded"}, {"name": "MS02-039", "tags": ["vendor-advisory", "x_refsource_MS", "x_transferred"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-039"}, {"name": "20030126 Tool: Sapphire SQL Worm Scanner", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/308419/30/26150/threaded"}, {"name": "20020725 Microsoft SQL Server 2000 Unauthenticated System Compromise (#NISR25072002)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=102760196931518&w=2"}, {"name": "20030125 RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/308393/30/26180/threaded"}, {"name": "CA-2003-04", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.cert.org/advisories/CA-2003-04.html"}, {"name": "5310", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/5310"}, {"name": "20030130 RE: MSDE contained in...", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/309324/30/26120/threaded"}, {"name": "20030201 The Spread of the Sapphire/Slammer SQL Worm", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/309776/30/26090/threaded"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0649", "datePublished": "2002-07-26T04:00:00", "dateReserved": "2002-06-28T00:00:00", "dateUpdated": "2024-08-08T02:56:38.432Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:data_engine:2000:*:*:*:*:*:*:*", "matchCriteriaId": "51ABD323-BF3F-4825-8788-8FCD614E83E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:sql_server:2000:*:*:*:*:*:*:*", "matchCriteriaId": "A5D559EE-727C-405C-987C-247973A84D32", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:sql_server:2000:sp1:*:*:*:*:*:*", "matchCriteriaId": "4A74EBC1-FD61-4DD1-AC8A-E4B0F333A980", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:sql_server:2000:sp2:*:*:*:*:*:*", "matchCriteriaId": "4BC2A389-68BF-45B1-833D-96B331844424", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 (MSDE) allow remote attackers to cause a denial of service or execute arbitrary code via UDP packets to port 1434 in which (1) a 0x04 byte that causes the SQL Monitor thread to generate a long registry key name, or (2) a 0x08 byte with a long string causes heap corruption, as exploited by the Slammer/Sapphire worm."}, {"lang": "es", "value": "Multiples desbordamientos de buffers en el Servicio de Resoluci\u00f3n en SQL Server 2000 y Microsoft Desktop Engine 2000 (MSDE) permite a atacantes remotos causar una denegaci\u00f3n de servicio o ejecutar c\u00f3digo arbitrario mediante paquetes UDP enviados al puerto 1434 en los que \r\n(1) un byte 0x04 causa al hilo de ejecuci\u00f3n del Monitor SQL generar un nombre de clave del registro largo, o (2) un byte 0x08 con una cadena larga causa corrupci\u00f3n en la pila, tal como se realiza en los exploits por el gusano Slammer/Sapphire."}], "id": "CVE-2002-0649", "lastModified": "2018-10-19T15:29:04.270", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2002-08-12T04:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=102760196931518&w=2"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=ntbugtraq&m=102760479902411&w=2"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/7945"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.cert.org/advisories/CA-2002-22.html"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.cert.org/advisories/CA-2003-04.html"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/399260"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/484891"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/308306/30/26180/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/308321/30/26180/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/308324/30/26180/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/308388/30/26180/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/308393/30/26180/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/308396/30/26150/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/308418/30/26150/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/308419/30/26150/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/308760/30/26120/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/308806/30/26120/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/309096/30/26120/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/309324/30/26120/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/309776/30/26090/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/5310"}, {"source": "cve@mitre.org", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-039"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1077"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}