CVE Vulnerabilities

CVE-2003-0230

Published: Aug 27, 2003 | Modified: Oct 12, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Microsoft SQL Server 7, 2000, and MSDE allows local users to gain privileges by hijacking a named pipe during the authentication of another user, aka the Named Pipe Hijacking vulnerability.

Affected Software

Name Vendor Start Version End Version
Data_engine Microsoft 1.0 (including) 1.0 (including)
Sql_server Microsoft 7.0 (including) 7.0 (including)
Sql_server Microsoft 7.0-sp1 (including) 7.0-sp1 (including)
Sql_server Microsoft 7.0-sp2 (including) 7.0-sp2 (including)
Sql_server Microsoft 7.0-sp3 (including) 7.0-sp3 (including)
Sql_server Microsoft 7.0-sp4 (including) 7.0-sp4 (including)
Sql_server Microsoft 2000 (including) 2000 (including)
Sql_server Microsoft 2000-sp1 (including) 2000-sp1 (including)
Sql_server Microsoft 2000-sp2 (including) 2000-sp2 (including)
Sql_server Microsoft 2000-sp3 (including) 2000-sp3 (including)
Sql_server Microsoft 2000-sp3a (including) 2000-sp3a (including)

References