Vulnerability Development mailing list archives
Possible DoS attack against Microsoft SQL Server 7.0
From: kbelian () BUSINESS-SOFT COM (kbelian)
Date: Thu, 18 Nov 1999 09:24:13 +0200
Hi, Excuse me if this has been already reported (though I couldn't find relevant information). MS SQL Server 7.0 silently crashes when sent a TCP packet containing more than 2 NULLs as data. Description: I tested this on a machine running SQL Server version 7.00.699. The NT box is running NT Server with SP 4 (I don't think the Service Pack is an issue since NT is not affected). If the TCP/IP net library is enabled, the 3 or greater NULL bytes crach SQL Server listening on port 1433. The SQL server raises an event 17055 with fatal exception EXCEPTION_ACCESS VIOLATION. Can anyone reproduce this? It's interesting to mention that: - 1 or 2 NULL bytes don't affect the system. - A nornal service restart will reboot SQL Server Thanx. Kevork Belian <!-- body="end" --> <HR> <UL> <LI><STRONG>Next message:</STRONG> m4rcyS: "Re: vlock bug ? (fwd)" <LI><STRONG>Previous message:</STRONG> Blue Boar: "Re: INZIDER!" </UL> <HR> <SMALL> This archive was generated by hypermail 2.0b3 on Thu Nov 18 1999 - 01:33:26 CST</EM> </EM> </SMALL> </BODY> </HTML>
Current thread:
- Re: INZIDER! Wolfgang Gassner (Nov 17)
- Re: INZIDER! Blue Boar (Nov 17)
- Re: INZIDER! rotaiv (Nov 18)
- Possible DoS attack against Microsoft SQL Server 7.0 kbelian (Nov 17)
- Re: INZIDER! Ryan Permeh (Nov 18)
- Re: INZIDER! Joaquim Alfredo Da Costa (Nov 18)
- Re: INZIDER! Robert Joosten (Nov 19)
- <Possible follow-ups>
- Re: INZIDER! Martin (Nov 18)
- Re: INZIDER! Kotz (Nov 19)
- Re: INZIDER! BrainMaster (Nov 19)
- Re: INZIDER! Blue Boar (Nov 17)