Microsoft SQL Server memory page reuse information disclosure
mssql-page-reuse-information-disclosure (41459)
Description:
Microsoft SQL Server could allow a remote or local authenticated attacker to obtain sensitive information because of a memory page reuse vulnerability. By performing a series of database backups over a period of time, an attacker could extract sensitive information that should have been deleted after each backup process was executed.
*CVSS:
| Base Score: | 4 |
| Access Vector: | Network |
| Access Complexity: | Low |
| Authentication: | Single |
| Confidentiality Impact: | Partial |
| Integrity Impact: | None |
| Availability Impact: | None |
| Temporal Score: | 3 |
| Exploitability: | Unproven |
| Remediation Level: | Official-Fix |
| Report Confidence: | Confirmed |
Consequences:
Obtain Information
Remedy:
Apply the appropriate patch for your system, as listed in the latest Microsoft Security Bulletin. See References.
— OR —
Use Microsoft Automatic Update if it is supported by your operating system. The original bulletin issued by Microsoft has been superseded.
For other distributions:
Apply the appropriate update for your system. See References.
References:
- HPSBST02350 SSRT080102 rev.1: Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-037 to MS08-040.
- Microsoft Security Bulletin MS08-040: Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203).
- Microsoft Security Bulletin MS09-004: Vulnerability in Microsoft SQL Server Could Allow Remote Code Execution (959420).
- NORTEL BULLETIN ID: 2008008958, Rev 1: Centrex IP Client Manager (CICM) response to Microsoft July security bulletin.
- VMSA-2011-0003: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX.
- ASA-2008-291: MS08-040 Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203)
- BID-30083: Microsoft SQL Server Memory Page Reuse Information Disclosure Vulnerability
- CVE-2008-0085: SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 does not initialize memory pages when reallocating memory, which allows database operators to obtain sensitive information (database contents) via unknown vectors related to memory page reuse.
- SA30970: Microsoft SQL Server and MSDE Multiple Vulnerabilities
- SA43206: VMware vCenter Server / Update Manager SQL Express Multiple Vulnerabilities
- SECTRACK ID: 1020441: Microsoft SQL Server Bugs Let Remote Authenticated Users Obtain Information and Execute Arbitrary Code
- VUPEN/ADV-2008-2022: Microsoft SQL Server Privilege Escalation Vulnerabilities (MS08-040)
Platforms Affected:
- HP Storage Management Appliance 2.1
- Microsoft Data Engine 1.0 SP4
- Microsoft SQL Server 2000 SP4 Itanium
- Microsoft SQL Server 2000 SP4
- Microsoft SQL Server 2005 SP2 Itanium
- Microsoft SQL Server 2005 SP1 Itanium
- Microsoft SQL Server 2005 SP1 x64
- Microsoft SQL Server 2005 SP2 x64
- Microsoft SQL Server 2005 SP2
- Microsoft SQL Server 2005 SP1
- Microsoft SQL Server 2005 SP2 Express
- Microsoft SQL Server 2005 SP1 Express
- Microsoft SQL Server 7.0 SP4
- Microsoft SQL Server Advanced Services 2005 SP1 Express
- Microsoft SQL Server Advanced Services 2005 SP2 Express
- Microsoft SQL Server Desktop Engine 2000
- Microsoft SQL Server Desktop Engine 2000 SP4
- Microsoft Windows Internal Database SP2 x64
- Microsoft Windows Internal Database SP2
- VMware vCenter Server 4.1
- VMware vCenter Update Manager 1.0
- VMware vCenter Update Manager 4.0
Reported:
Jul 08, 2008
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net
* According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
