Microsoft SQL Server Non-Validated Query Vulnerability

Bugtraq ID:	1041
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	Yes
Published:	Mar 08 2000 12:00AM
Updated:	Mar 08 2000 12:00AM
Credit:	Reported to Microsoft by Sven Hammesfahr. Publicized in a Microsoft Security Bulletin released on March 8, 2000.
Vulnerable:	Microsoft SQL Server 7.0 - Microsoft BackOffice 4.5 - Microsoft BackOffice 4.5 - Microsoft Windows NT 4.0 SP6a - Microsoft Windows NT 4.0 SP6a - Microsoft Windows NT 4.0 SP6 - Microsoft Windows NT 4.0 SP6 - Microsoft Windows NT 4.0 SP5 - Microsoft Windows NT 4.0 SP5 - Microsoft Windows NT 4.0 SP4 - Microsoft Windows NT 4.0 SP4 - Microsoft Windows NT 4.0 SP3 - Microsoft Windows NT 4.0 SP3 - Microsoft Windows NT 4.0 SP2 - Microsoft Windows NT 4.0 SP2 - Microsoft Windows NT 4.0 SP1 - Microsoft Windows NT 4.0 SP1 - Microsoft Windows NT 4.0 - Microsoft Windows NT 4.0 Microsoft Data Engine (MSDE) 1.0 + Affymetrix Microarray Suite Software 5.0.1 + Affymetrix Microarray Suite Software 5.0.1 + Affymetrix Microarray Suite Software 5.0.1 + Affymetrix Microarray Suite Software 5.0 + Affymetrix Microarray Suite Software 5.0 + Affymetrix Microarray Suite Software 5.0 + Altiris Deployment Server 5.5 + Altiris Deployment Server 5.5 + Altiris Deployment Server 5.5 + Altiris Deployment Server 5.0.1 + Altiris Deployment Server 5.0.1 + Altiris Deployment Server 5.0.1 + Centennial UK Ltd Centennial Discovery 4.4 + Centennial UK Ltd Centennial Discovery 4.4 + Centennial UK Ltd Centennial Discovery 4.4 + Compaq Insight Manager 7.0 SP1 + Compaq Insight Manager 7.0 SP1 + Compaq Insight Manager 7.0 SP1 + Compaq Insight Manager 7.0 + Compaq Insight Manager 7.0 + Compaq Insight Manager 7.0 + Gerber Technology WebPDM 3.9 + Gerber Technology WebPDM 3.9 + Gerber Technology WebPDM 3.9 + McAfee ePolicy Orchestrator 2.5 SP1 + McAfee ePolicy Orchestrator 2.5 SP1 + McAfee ePolicy Orchestrator 2.5 SP1 + McAfee ePolicy Orchestrator 2.5 + McAfee ePolicy Orchestrator 2.5 + McAfee ePolicy Orchestrator 2.5 + McAfee ePolicy Orchestrator 2.0 + McAfee ePolicy Orchestrator 2.0 + McAfee ePolicy Orchestrator 2.0 + McAfee ePolicy Orchestrator 1.1 + McAfee ePolicy Orchestrator 1.1 + McAfee ePolicy Orchestrator 1.1 + McAfee ePolicy Orchestrator 1.0 + McAfee ePolicy Orchestrator 1.0 + McAfee ePolicy Orchestrator 1.0 - Microsoft Access 2000 - Microsoft Access 2000 - Microsoft Access 2000 - Microsoft Project Central Server - Microsoft Project Central Server - Microsoft Project Central Server + Microsoft SharePoint Team Services from Microsoft + Microsoft SharePoint Team Services from Microsoft + Microsoft SharePoint Team Services from Microsoft - Microsoft Visual Studio 6.0 - Microsoft Visual Studio 6.0 - Microsoft Visual Studio 6.0 + PowerQuest ControlCenter ST 2.0 + PowerQuest ControlCenter ST 2.0 + PowerQuest ControlCenter ST 2.0 + PPM 2000 Incident Reporting and Investigation Management 5.1 + PPM 2000 Incident Reporting and Investigation Management 5.1 + PPM 2000 Incident Reporting and Investigation Management 5.1 + Research In Motion Blackberry Enterprise Server 2.0 .0.65 + Research In Motion Blackberry Enterprise Server 2.0 .0.65 + Research In Motion Blackberry Enterprise Server 2.0 .0.65 + Trend Micro Control Manager 2.5 + Trend Micro Control Manager 2.5 + Trend Micro Control Manager 2.5 + Trend Micro Damage Cleanup Server 1.0 + Trend Micro Damage Cleanup Server 1.0 + Trend Micro Damage Cleanup Server 1.0 + Vital Processing Services LLC POS-partner 2000 5.0.13 + Vital Processing Services LLC POS-partner 2000 5.0.13 + Vital Processing Services LLC POS-partner 2000 5.0.13 + Vital Processing Services LLC POS-partner 2000 4.1.11 + Vital Processing Services LLC POS-partner 2000 4.1.11 + Vital Processing Services LLC POS-partner 2000 4.1.11 + Websense Reporter 6.3.1 + Websense Reporter 6.3.1 + Websense Reporter 6.3.1

Not Vulnerable: