Microsoft on Wednesday released a patch for a security hole in its SQL Server 7.0 and 2000 databases that could allow an attacker to execute code of their choice on an affected system by exploiting a buffer overflow vulnerability.
The vulnerability concerns Microsoft-written extended stored procedures -- code that is used to help SQL Server perform tasks, according to Microsoft's advisory. A number of the extended stored procedures installed by SQL Server 7.0 and 2000 contain a buffer overflow vulnerability that could be exploited either by calling one of the affected functions in the database or by creating a specifically formed query on a Web-accessible database, the Redmond, Washington, company said. Either technique would allow an attacker to crash the server or run code of their choice in the server's security zone, Microsoft said.
A buffer overflow is a vulnerability made possible by coding errors in which the amount of memory assigned to a task or application is overrun, often causing a system crash or takeover.
Microsoft rated the vulnerability moderate because code run on affected servers could only run in the server's security zone and best practices would block untrusted users from exploiting the holes.
More information about the vulnerability and the patch are available at http://www.microsoft.com/technet/security/bulletin/ms02-020.asp.