Signature Detail

DB: Microsoft SQL Server INSERT Statement Buffer Overflow

This signature detects attempts to exploit a known vulnerability in the Microsoft SQL Server INSERT Statement. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.

Extended Description

Microsoft SQL Server is prone to a remote memory-corruption vulnerability because it fails to perform adequate boundary checks on user-supplied input. Authenticated attackers can exploit this issue to execute arbitrary code and completely compromise affected computers. Failed attacks will likely cause denial-of-service conditions.

Affected Products

• Microsoft SQL Server 2005 SP1
• Microsoft SQL Server 2005 SP2
• Microsoft SQL Server 2005 Express Edition SP1
• Microsoft SQL Server 2005 Express Edition SP2
• Microsoft SQL Server 2005 Express Edition with Advanced Serv SP1
• Microsoft SQL Server 2005 Express Edition with Advanced Serv SP2
• Microsoft SQL Server 2005 Itanium Edition SP1
• Microsoft SQL Server 2005 Itanium Edition SP2
• Microsoft SQL Server 2005 x64 Edition SP1
• Microsoft SQL Server 2005 x64 Edition SP2
• VMWare vCenter 4.0
• VMWare vCenter 4.1
• VMWare Vcenter Update Manager 1.0
• VMWare Vcenter Update Manager 4.0
• VMWare Vcenter Update Manager 4.1
• VMWare VirtualCenter 2.5
• VMWare VirtualCenter 2.5 Update 1
• VMWare VirtualCenter 2.5 Update 2
• VMWare VirtualCenter 2.5.Update 3 Build 11983
• VMWare VirtualCenter 2.5 Update 4
• VMWare VirtualCenter 2.5 Update 5
• VMWare VirtualCenter 2.5 Update 6

References

• BugTraq: 30118
• CVE: CVE-2008-0106