Signature Detail

DB: Microsoft SQL Server Malformed Insert Statement

This signature detects attempts to exploit a known vulnerability in Microsoft's SQL Server. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.

Extended Description

Microsoft SQL Server is prone to a remote memory-corruption vulnerability because it fails to perform adequate boundary checks on user-supplied input. Authenticated attackers can exploit this issue to execute arbitrary code and completely compromise affected computers. Failed attacks will likely cause denial-of-service conditions.

Affected Products

• Microsoft SQL Server 2000 SP1
• Microsoft SQL Server 2000 SP2
• Microsoft SQL Server 2000 SP3
• Microsoft SQL Server 2000 SP4
• Microsoft SQL Server 2000
• Microsoft SQL Server 2000 Desktop Engine SP1
• Microsoft SQL Server 2000 Desktop Engine SP2
• Microsoft SQL Server 2000 Desktop Engine SP3
• Microsoft SQL Server 2000 Desktop Engine SP4
• Microsoft SQL Server 2000 Desktop Engine
• Microsoft SQL Server 2000 Itanium Edition SP1
• Microsoft SQL Server 2000 Itanium Edition SP2
• Microsoft SQL Server 2000 Itanium Edition SP3
• Microsoft SQL Server 2000 Itanium Edition SP4
• Microsoft SQL Server 2000 Itanium Edition
• Microsoft Windows 2000 Advanced Server SP4
• Microsoft Windows 2000 Datacenter Server SP4
• Microsoft Windows 2000 Professional SP4
• Microsoft Windows 2000 Server SP4
• VMWare vCenter 4.0
• VMWare vCenter 4.1
• VMWare Vcenter Update Manager 1.0
• VMWare Vcenter Update Manager 4.0
• VMWare Vcenter Update Manager 4.1
• VMWare VirtualCenter 2.5
• VMWare VirtualCenter 2.5 Update 1
• VMWare VirtualCenter 2.5 Update 2
• VMWare VirtualCenter 2.5.Update 3 Build 11983
• VMWare VirtualCenter 2.5 Update 4
• VMWare VirtualCenter 2.5 Update 5
• VMWare VirtualCenter 2.5 Update 6

References

• CVE: CVE-2008-0086
• URL: http://www.microsoft.com/technet/security/Bulletin/MS08-040.mspx