Signature Detail

HTTP: Microsoft SQL Server Backup Restoring Memory Corruption

This signature detects attempts to exploit a known vulnerability against Microsoft SQL Server. A successful attack can lead to privilege escalation and arbitrary code execution.

Extended Description

Microsoft SQL Server is prone to a remote memory-corruption vulnerability because it fails to perform adequate boundary checks on user-supplied input. Authenticated attackers can exploit this issue to execute arbitrary code in the context of the server. Failed attacks will likely cause denial-of-service conditions.

Affected Products

• Microsoft Data Engine (MSDE) 1.0
• Microsoft Data Engine (MSDE) 1.0 SP1
• Microsoft Data Engine (MSDE) 1.0 SP2
• Microsoft Data Engine (MSDE) 1.0 SP3
• Microsoft Data Engine (MSDE) 1.0 SP4
• Microsoft SQL Server 7.0
• Microsoft SQL Server 7.0 SP1
• Microsoft SQL Server 7.0 SP2
• Microsoft SQL Server 7.0 SP3
• Microsoft SQL Server 7.0 SP4
• Microsoft SQL Server 2000 SP1
• Microsoft SQL Server 2000 SP2
• Microsoft SQL Server 2000 SP3
• Microsoft SQL Server 2000 SP4
• Microsoft SQL Server 2000
• Microsoft SQL Server 2000 Desktop Engine SP1
• Microsoft SQL Server 2000 Desktop Engine SP2
• Microsoft SQL Server 2000 Desktop Engine SP3
• Microsoft SQL Server 2000 Desktop Engine SP4
• Microsoft SQL Server 2000 Desktop Engine
• Microsoft SQL Server 2000 Itanium Edition SP1
• Microsoft SQL Server 2000 Itanium Edition SP2
• Microsoft SQL Server 2000 Itanium Edition SP3
• Microsoft SQL Server 2000 Itanium Edition SP4
• Microsoft SQL Server 2000 Itanium Edition
• Microsoft SQL Server 2005 SP1
• Microsoft SQL Server 2005 SP2
• Microsoft SQL Server 2005 Express Edition SP1
• Microsoft SQL Server 2005 Express Edition SP2
• Microsoft SQL Server 2005 Express Edition with Advanced Serv SP1
• Microsoft SQL Server 2005 Express Edition with Advanced Serv SP2
• Microsoft SQL Server 2005 Itanium Edition SP1
• Microsoft SQL Server 2005 Itanium Edition SP2
• Microsoft SQL Server 2005 x64 Edition SP1
• Microsoft SQL Server 2005 x64 Edition SP2
• Microsoft Windows 2000 Advanced Server SP1
• Microsoft Windows 2000 Advanced Server SP2
• Microsoft Windows 2000 Advanced Server SP3
• Microsoft Windows 2000 Advanced Server SP4
• Microsoft Windows 2000 Advanced Server
• Microsoft Windows 2000 Datacenter Server SP1
• Microsoft Windows 2000 Datacenter Server SP2
• Microsoft Windows 2000 Datacenter Server SP3
• Microsoft Windows 2000 Datacenter Server SP4
• Microsoft Windows 2000 Datacenter Server
• Microsoft Windows 2000 Professional SP1
• Microsoft Windows 2000 Professional SP2
• Microsoft Windows 2000 Professional SP3
• Microsoft Windows 2000 Professional SP4
• Microsoft Windows 2000 Professional
• Microsoft Windows 2000 Server SP1
• Microsoft Windows 2000 Server SP2
• Microsoft Windows 2000 Server SP3
• Microsoft Windows 2000 Server SP4
• Microsoft Windows 2000 Server
• Microsoft Windows Internal Database (WYukon) SP1
• Microsoft Windows Internal Database (WYukon) SP2
• Microsoft Windows Internal Database (WYukon)
• Microsoft Windows Internal Database (WYukon) x64 SP1
• Microsoft Windows Internal Database (WYukon) x64 SP2
• Microsoft Windows Internal Database (WYukon) x64
• Microsoft Windows Server 2003 SP1
• Microsoft Windows Server 2003 SP2
• Microsoft Windows Server 2003 Enterprise x64 Edition SP2
• Microsoft Windows Server 2003 Enterprise x64 Edition
• Microsoft Windows Server 2008 for 32-bit Systems
• Microsoft Windows Server 2008 for x64-based Systems
• VMWare vCenter 4.0
• VMWare vCenter 4.1
• VMWare Vcenter Update Manager 1.0
• VMWare Vcenter Update Manager 4.0
• VMWare Vcenter Update Manager 4.1
• VMWare VirtualCenter 2.5
• VMWare VirtualCenter 2.5 Update 1
• VMWare VirtualCenter 2.5 Update 2
• VMWare VirtualCenter 2.5.Update 3 Build 11983
• VMWare VirtualCenter 2.5 Update 4
• VMWare VirtualCenter 2.5 Update 5
• VMWare VirtualCenter 2.5 Update 6

References

• BugTraq: 30119
• CVE: CVE-2008-0085
• CVE: CVE-2008-0107