There has been found a vulnerability in Microsoft SQL Server which is related to sp_repwritetovarbin extended stored procedure bundled with SQL Server. The vulnerability may allow an attacker to execute arbitrary code in target system. To exploit the vulnerability successfully an attacker has to have proper username and password. Exception to this is a server to which an attacker has done a successful SQL injection attack already.
At the moment of writing this supported versions of following software are known to be vulnerable against this mentioned vulnerability:
- Microsoft SQL Server 2000 (Service Pack 4)
- Microsoft SQL Server 2005 (Service Pack 2)
- Microsoft SQL Server 2005 Express Edition (with Service Pack 2 or Advanced Services Service Pack 2)
- Microsoft SQL Server 2000 Desktop Engine (MSDE 2000) (Service Pack 4)
- Microsoft SQL Server 2000 Desktop Engine (WMSDE)
- Windows Internal Database (WYukon) (Service Pack 2)
Fix against the vulnerability isn't yet available. Microsoft says that it's investigating the issue and will take appropriate action when the investigation has been finished.
Workarounds to the issue have been released. About these and the status in overall can be read from correspondent Security Advisory.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment