Update Protection against Microsoft SQL Server Convert Function Buffer Overrun Vulnerability (MS08-040)
| Check Point Reference: | CPAI-2008-101 |
| Date Published: | |
| Severity: | |
| Last Updated: | |
| Source: | Microsoft Security Bulletin MS08-040 |
| Industry Reference(s): | CVE-2008-0086 |
| Protection Provided by: | IPS-1 |
Who is Vulnerable?
Microsoft SQL Server 2000
Microsoft SQL Server 2000 Desktop Engine

Vulnerability Description
A buffer overflow vulnerability was reported in Microsoft SQL Server, a relational database management system (RDBMS). A remote attacker who can submit SQL statements to the server (an authenticated database user, or an attacker reaching the server through a SQL-injection flaw in a front-end application) may exploit this vulnerability to run code on the vulnerable system.

Update/Patch Available
Apply patches: Microsoft Security Bulletin MS08-040

Vulnerability Details
The vulnerability is due to insufficient validation of the parameters passed to the CONVERT function in a SQL statement. An attacker can craft a query that calls CONVERT with a specially constructed expression, overflowing a buffer inside the function and allowing code execution in the SQL Server process. Successful exploitation may allow the attacker to take complete control of the target system.
Protection Overview
By enabling this protection, SmartDefense will detect and block MS-SQL connections where a CONVERT function with an excessively long argument is used.
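The following Python program is an added illustration of the kind of check described above; it is not Check Point's signature and not code from the advisory. It extracts the T-SQL text from a TDS SQL-batch packet and flags any CONVERT() call whose argument list is longer than a threshold. Two things are assumptions: the 256-character cut-off (the page does not publish the real signature's threshold), and the TDS packet layout (the pre-7.2 format used by SQL Server 2000, where the batch payload is plain UCS-2 text after the 8-byte header). The sample statements are constructed here for the demonstration; the oversized one is simply a long literal, not an exploit. Like the gateway signature, the check only works on TDS traffic the inspector can see in cleartext.

```python
import re
import struct

# Argument-length threshold is an ASSUMPTION for illustration; the advisory does
# not publish the exact cut-off used by the Check Point signature.
MAX_CONVERT_ARG_LEN = 256

TDS_SQL_BATCH = 0x01  # TDS packet type for a SQL batch (plain T-SQL text)

_CONVERT_OPEN = re.compile(r'\bCONVERT\s*\(', re.IGNORECASE)


def find_convert_calls(sql):
    """Return the raw argument text of every CONVERT(...) call in a T-SQL string.

    Parentheses are balanced and single-quoted literals (with '' escapes) are
    skipped, so a ')' inside a string does not end the argument list early.
    """
    calls = []
    for m in _CONVERT_OPEN.finditer(sql):
        start = i = m.end()
        depth, in_str = 1, False
        while i < len(sql) and depth > 0:
            c = sql[i]
            if in_str:
                if c == "'":
                    if i + 1 < len(sql) and sql[i + 1] == "'":
                        i += 1          # escaped quote inside the literal
                    else:
                        in_str = False
            elif c == "'":
                in_str = True
            elif c == '(':
                depth += 1
            elif c == ')':
                depth -= 1
            i += 1
        # depth == 0: i is one past the closing ')'; otherwise the call is
        # unterminated and we take everything to the end of the statement.
        calls.append(sql[start:i - 1] if depth == 0 else sql[start:])
    return calls


def is_suspicious(sql, max_len=MAX_CONVERT_ARG_LEN):
    """True if any CONVERT() argument list is longer than max_len characters."""
    return any(len(arg) > max_len for arg in find_convert_calls(sql))


def build_tds_sql_batch(sql, spid=0, packet_id=1):
    """Constructed test input: wrap T-SQL in a single TDS SQL-batch packet.

    Header is 8 bytes: type, status (0x01 = end of message), total length and
    SPID (big-endian), packet id, window. ASSUMPTION: pre-TDS-7.2 layout (SQL
    Server 2000), where the payload is just UCS-2/UTF-16LE text with no
    ALL_HEADERS prefix.
    """
    payload = sql.encode('utf-16-le')
    header = struct.pack('>BBHHBB', TDS_SQL_BATCH, 0x01, 8 + len(payload),
                         spid, packet_id, 0)
    return header + payload


def sql_from_tds_sql_batch(packet):
    """Return the T-SQL text of a SQL-batch packet, or None for other types."""
    if len(packet) < 8:
        return None
    ptype, _status, length, _spid, _pid, _win = struct.unpack('>BBHHBB', packet[:8])
    if ptype != TDS_SQL_BATCH:
        return None
    return packet[8:length].decode('utf-16-le', errors='replace')


def inspect_tds_sql_batch(packet, max_len=MAX_CONVERT_ARG_LEN):
    """Signature-style check: does this packet carry an oversized CONVERT()?"""
    sql = sql_from_tds_sql_batch(packet)
    return sql is not None and is_suspicious(sql, max_len)


# Constructed sample statements (not captured traffic, not an exploit).
BENIGN_SQL = "SELECT CONVERT(varchar(10), GETDATE()), name FROM sysobjects"
OVERSIZED_SQL = "SELECT CONVERT(int, '" + "A" * 1000 + "')"

if __name__ == "__main__":
    for label, sql in (("benign", BENIGN_SQL), ("oversized", OVERSIZED_SQL)):
        pkt = build_tds_sql_batch(sql)
        print(label, "->", "BLOCK" if inspect_tds_sql_batch(pkt) else "allow")
```

The parenthesis/quote tracking matters because a length check that stops at the first `)` would be trivially evaded by a literal containing one; a production signature must also reassemble batches split across several TDS packets and, for TDS 7.2 and later servers, skip the ALL_HEADERS prefix before the text.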
To activate the protection, update your product to the latest SmartDefense update. For information on how to update SmartDefense, see SBP-2006-05, Protection tab, and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.