Microsoft SQL Server User Authentication Remote Buffer Overflow Vulnerability
Reportedly, these issues may be exploited with the publically available Spike tool, available at the following URL:
Additionally, a proof-of-concept NASL script has been released.
Exploit code (mssql2000_preauthentication.pm) has been released as part of the Metasploit Framework.
CORE has developed a working commercial exploit for their IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.