Thanks xStainDx and WishX for this. The Microsoft Data Access Components (MDAC) provide a number of supporting technologies for accessing and using databases. Included among these functions is the underlying support for the T-SQL OpenRowSet command. A security vulnerability results because the MDAC functions underlying OpenRowSet contain an unchecked buffer.
An attacker who submitted a database query containing a specially malformed parameter within a call to OpenRowSet could overrun the buffer, either for the purpose of causing the SQL Server to fail or causing the SQL Server service to take actions dictated by the attacker.
Download: Patch for MDAC 2.5
Download: Patch for MDAC 2.6
Download: Patch for MDAC 2.7
View: More information at Microsoft Security Bulletin ID MS02-040
Title: Unchecked Buffer in MDAC Function Could Enable SQL Server Compromise (Q326573)
Date: 31 July 2002
Software: Microsoft Data Access Components
Impact: Run code of attacker's choice
Max Risk: Moderate
Bulletin: MS02-040
