NGSSoftware Security Research Advisory NISR25072002 - Microsoft's database server SQL Server 2000 exhibits two buffer overrun vulnerabilities that can be exploited by a remote attacker without ever having to authenticate to the server. What further exacerbates these issues is that the attack is channeled over UDP port 1434. Whether the SQL Server process runs in the security context of a domain user or the local SYSTEM account, successful exploitation of these security holes will mean a total compromise of the target server and its data.
7374876a71fb3fcb12a28e6f8cfb96087512b03f0bc58422af03eaa003fa9944