ISS X-Force Database: mssql-dbcc-bo(9659): Microsoft SQL Server Database Consistency Checker (DBCC) utilities have multiple buffer overflows

Microsoft SQL Server Database Consistency Checker (DBCC) utilities have multiple buffer overflows

mssql-dbcc-bo (9659)

High Risk

Description:

Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 are vulnerable to several buffer overflows in multiple Database Consistency Checker (DBCC) utilities. Database Consistency Checkers are tools that allow administrators to easily perform common maintenance tasks on databases. Several DBCC utilities fail to properly validate user-supplied input. A remote attacker with db_owner or db_ddladmin privileges could exploit this vulnerability by supplying a malformed parameter to one of the affected DBCC utilities, which would overflow a buffer, causing the SQL Server service to crash or allowing the attacker to execute code with elevated privileges.

Consequences:

Gain Privileges

Remedy:

Apply the patch for this vulnerability, as listed in Microsoft Security Bulletin MS02-038. See References.

Note: Microsoft originally provided a patch for this vulnerability in MS02-038, but it was superseded by SQL Server Service Pack 3.

References:

BugTraq Mailing List, Thu Jul 25 2002 - 18:42:59 CDT: SQL Server 2000 Buffer Overflows and SQL Inyection vulnerabilities..
BugTraq Mailing List, Wed Aug 21 2002 - 20:42:59 CDT: More DBCC overruns SQL SEVER 2000.
CERT Advisory CA-2002-22: Multiple Vulnerabilities in Microsoft SQL Server.
CIAC Information Bulletin M-101: Microsoft Unchecked Buffer in SQL Server 2000 Utilities Could Allow Code Execution.
Microsoft Security Bulletin MS02-038: Unchecked Buffer in SQL Server 2000 Utilities Could Allow Code Execution (Q316333).
BID-5307: Microsoft SQL Server 2000 Database Consistency Checkers Buffer Overflow Vulnerability
CVE-2002-0644: Buffer overflow in several Database Consistency Checkers (DBCCs) for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows members of the db_owner and db_ddladmin roles to execute arbitrary code.
US-CERT VU#279323: Microsoft SQL Server contains buffer overflows in several Database Consistency Checkers

Platforms Affected:

Microsoft Data Engine 2000
Microsoft SQL Server 2000
Microsoft Windows 2003 Server

Reported:

Jul 24, 2002

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page