Printed 2015/11/28 12:44AM

New Security Bulletin for SQL Server 2000/2005 (MS09-004)


Affected Versions:

Unaffected Versions:

Original Vulnerability Report:

Microsoft Security Bulletin Link:

Brief Analysis:

The extended stored procedure, sp_replwritetovarbin, has a buffer overflow vulnerability which can be exploited to perform a remote code exploit in the context of the SQL Server service account. The stored procedure is only used for transactional replication.

There is currently a proof of concept showing that the buffer overflow is possible but there is no publicly released exploit code nor are there any active exploits in the wild. There is a workaround which involves disabling the extended stored procedure, either by denying permissions to public or by dropping the extended stored procedure from the SQL Server.

Copyright © 2002-2015 Simple Talk Publishing. All Rights Reserved. Privacy Policy. Terms of Use. Report Abuse.