Signature Detail

HTTP: Microsoft SQL Server Backup Restoring Memory Corruption

This signature detects attempts to exploit a known vulnerability against Microsoft SQL Server. A successful attack can lead to privilege escalation and arbitrary code execution.

Extended Description

Microsoft SQL Server is prone to a remote memory-corruption vulnerability because it fails to perform adequate boundary checks on user-supplied input. Authenticated attackers can exploit this issue to execute arbitrary code in the context of the server. Failed attacks will likely cause denial-of-service conditions.

Affected Products

• Microsoft data_engine_(msde) 1.0
• Microsoft data_engine_(msde) 1.0 SP1
• Microsoft data_engine_(msde) 1.0 SP2
• Microsoft data_engine_(msde) 1.0 SP3
• Microsoft data_engine_(msde) 1.0 SP4
• Microsoft sql_server 7.0
• Microsoft sql_server 7.0 SP1
• Microsoft sql_server 7.0 SP2
• Microsoft sql_server 7.0 SP3
• Microsoft sql_server 7.0 SP4
• Microsoft sql_server_2000 SP1
• Microsoft sql_server_2000 SP2
• Microsoft sql_server_2000 SP3
• Microsoft sql_server_2000 SP4
• Microsoft sql_server_2000
• Microsoft sql_server_2000_desktop_engine SP1
• Microsoft sql_server_2000_desktop_engine SP2
• Microsoft sql_server_2000_desktop_engine SP3
• Microsoft sql_server_2000_desktop_engine SP4
• Microsoft sql_server_2000_desktop_engine
• Microsoft sql_server_2000_itanium_edition SP1
• Microsoft sql_server_2000_itanium_edition SP2
• Microsoft sql_server_2000_itanium_edition SP3
• Microsoft sql_server_2000_itanium_edition SP4
• Microsoft sql_server_2000_itanium_edition
• Microsoft sql_server_2005 SP1
• Microsoft sql_server_2005 SP2
• Microsoft sql_server_2005_express_edition SP1
• Microsoft sql_server_2005_express_edition SP2
• Microsoft sql_server_2005_express_edition_with_advanced_serv SP1
• Microsoft sql_server_2005_express_edition_with_advanced_serv SP2
• Microsoft sql_server_2005_itanium_edition SP1
• Microsoft sql_server_2005_itanium_edition SP2
• Microsoft sql_server_2005_x64_edition SP1
• Microsoft sql_server_2005_x64_edition SP2
• Microsoft windows_2000_advanced_server SP1
• Microsoft windows_2000_advanced_server SP2
• Microsoft windows_2000_advanced_server SP3
• Microsoft windows_2000_advanced_server SP4
• Microsoft windows_2000_advanced_server
• Microsoft windows_2000_datacenter_server SP1
• Microsoft windows_2000_datacenter_server SP2
• Microsoft windows_2000_datacenter_server SP3
• Microsoft windows_2000_datacenter_server SP4
• Microsoft windows_2000_datacenter_server
• Microsoft windows_2000_professional SP1
• Microsoft windows_2000_professional SP2
• Microsoft windows_2000_professional SP3
• Microsoft windows_2000_professional SP4
• Microsoft windows_2000_professional
• Microsoft windows_2000_server SP1
• Microsoft windows_2000_server SP2
• Microsoft windows_2000_server SP3
• Microsoft windows_2000_server SP4
• Microsoft windows_2000_server
• Microsoft windows_internal_database_(wyukon) SP1
• Microsoft windows_internal_database_(wyukon) SP2
• Microsoft windows_internal_database_(wyukon)
• Microsoft windows_internal_database_(wyukon)_x64 SP1
• Microsoft windows_internal_database_(wyukon)_x64 SP2
• Microsoft windows_internal_database_(wyukon)_x64
• Microsoft windows_server_2003 SP1
• Microsoft windows_server_2003 SP2
• Microsoft windows_server_2003_enterprise_x64_edition SP2
• Microsoft windows_server_2003_enterprise_x64_edition
• Microsoft windows_server_2008_for_32-bit_systems
• Microsoft windows_server_2008_for_x64-based_systems
• Vmware vcenter 4.0
• Vmware vcenter 4.1
• Vmware vcenter_update_manager 1.0
• Vmware vcenter_update_manager 4.0
• Vmware vcenter_update_manager 4.1
• Vmware virtualcenter 2.5
• Vmware virtualcenter 2.5 Update 1
• Vmware virtualcenter 2.5 Update 2
• Vmware virtualcenter 2.5.Update 3 Build 11983
• Vmware virtualcenter 2.5 Update 4
• Vmware virtualcenter 2.5 Update 5
• Vmware virtualcenter 2.5 Update 6

References

• BugTraq: 30119
• CVE: CVE-2008-0107
• CVE: CVE-2008-0085