Log Explorer for Microsoft SQL Server xp_logattach buffer overflow

logexplorer-mssql-xplogattach-bo (9346) The risk level is classified as HighHigh Risk

Description:

Log Explorer is vulnerable to a buffer overflow in the xp_logattach extended stored procedure. By passing an overly large value to xp_logattach, a remote attacker could overflow a buffer and cause the SQL Server process to crash or execute arbitrary code on the system.


Consequences:

Gain Access

Remedy:

Upgrade to the latest version of Log Explorer, or at least to version 3.02 located at Lumigent Technologies Web site. See References.

References:

  • BugTraq Mailing List, Fri Jun 14 2002 - 08:05:15 CDT: Lumigent Log Explorer 3.xx extended stored procedures buffer overflow.
  • BugTraq Mailing List, Fri Jun 14 2002 - 13:08:27 CDT: Follow-up on Lumigent Log Explorer 3.xx extended stored procedures buffer overflow.
  • Lumigent Technologies Web site: Problems fixed in 3.02. ("fixes the buffer overflow problem that occurs with some extended stored procedures when a parameter passed to these procedures is excessively long.")
  • Lumigent Technologies Web site: Log Explorer Overview.
  • BID-5016: Lumigent Log Explorer XP_LogAttach_StartProf Buffer Overflow Vulnerability
  • BID-5017: Lumigent Log Explorer XP_LogAttach_SetPort Buffer Overflow Vulnerability
  • BID-5018: Lumigent Log Explorer XP_LogAttach Buffer Overflow Vulnerability
  • CVE-2002-0942: Buffer overflows in Lugiment Log Explorer before 3.02 allow attackers with database permissions to execute arbitrary code via long arguments to the extended stored procedures (1) xp_logattach_StartProf, (2) xp_logattach_setport, or (3) xp_logattach.
  • OSVDB ID: 11913: Lugiment Log Explorer xp_logattach.dll Multiple Function Overflow

Platforms Affected:

  • Lumigent Technologies Log Explorer 3.01 and prior
  • Microsoft SQL Server 2000
  • Microsoft SQL Server 7.0

Reported:

Jun 14, 2002

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this

Return to the main page