JVN/CVE Demo: Cveinfos

CVE

Id: 5039
CVE No.: CVE-2002-0649
Status: Candidate
Description: Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 (MSDE) allow remote attackers to cause a denial of service or execute arbitrary code via UDP packets to port 1434 in which (1) a 0x04 byte that causes the SQL Monitor thread to generate a long registry key name, or (2) a 0x08 byte with a long string causes heap corruption, as exploited by the Slammer/Sapphire worm.
Phase: Modified (20080207)
Votes: ACCEPT(4) Baker, Cole, Foat, Wall | MODIFY(1) Frech | NOOP(2) Christey, Cox
Comments: Christey> CERT:CA-2002-22 | CERT-VN:VU#399260 | CERT-VN:VU#484891 | Christey> XF:mssql-resolution-service-bo(9661) | URL:http://www.iss.net/security_center/static/9661.php | BID:5310 | URL:http://www.securityfocus.com/bid/5310 | BID:5311 | URL:http://www.securityfocus.com/bid/5311 | Christey> add to desc: "as exploited by the SQL Slammer/Sapphire worm" | to facilitate matching. | Frech> XF:mssql-resolution-service-bo(9661)

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
26152	5039	CVE-2002-0649	BUGTRAQ:20020725 Microsoft SQL Server 2000 Unauthenticated System Compromise (#NISR25072002)	View
26153	5039	CVE-2002-0649	URL:http://marc.info/?l=bugtraq&m=102760196931518&w=2	View
26154	5039	CVE-2002-0649	BUGTRAQ:20030125 Fw: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!	View
26155	5039	CVE-2002-0649	URL:http://www.securityfocus.com/archive/1/archive/1/308321/30/26180/threaded	View
26156	5039	CVE-2002-0649	BUGTRAQ:20030125 MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!	View
26157	5039	CVE-2002-0649	URL:http://www.securityfocus.com/archive/1/archive/1/308306/30/26180/threaded	View
26158	5039	CVE-2002-0649	BUGTRAQ:20030125 RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!	View
26159	5039	CVE-2002-0649	URL:http://www.securityfocus.com/archive/1/archive/1/308393/30/26180/threaded	View
26160	5039	CVE-2002-0649	BUGTRAQ:20030125 Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!	View
26161	5039	CVE-2002-0649	URL:http://www.securityfocus.com/archive/1/archive/1/308324/30/26180/threaded	View
26162	5039	CVE-2002-0649	BUGTRAQ:20030125 SQL Sapphire Worm Analysis	View
26163	5039	CVE-2002-0649	URL:http://www.securityfocus.com/archive/1/archive/1/308388/30/26180/threaded	View
26164	5039	CVE-2002-0649	BUGTRAQ:20030125 Sapphire SQL Worm Analysis Complete	View
26165	5039	CVE-2002-0649	URL:http://www.securityfocus.com/archive/1/archive/1/308418/30/26150/threaded	View
26166	5039	CVE-2002-0649	BUGTRAQ:20030126 RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!	View
26167	5039	CVE-2002-0649	URL:http://www.securityfocus.com/archive/1/archive/1/308396/30/26150/threaded	View
26168	5039	CVE-2002-0649	BUGTRAQ:20030126 Tool: Sapphire SQL Worm Scanner	View
26169	5039	CVE-2002-0649	URL:http://www.securityfocus.com/archive/1/archive/1/308419/30/26150/threaded	View
26170	5039	CVE-2002-0649	BUGTRAQ:20030128 RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!	View
26171	5039	CVE-2002-0649	URL:http://www.securityfocus.com/archive/1/archive/1/308760/30/26120/threaded	View
26172	5039	CVE-2002-0649	BUGTRAQ:20030128 Re: MSDE contained in...	View
26173	5039	CVE-2002-0649	URL:http://www.securityfocus.com/archive/1/archive/1/308806/30/26120/threaded	View
26174	5039	CVE-2002-0649	BUGTRAQ:20030129 Re: MSDE contained in...	View
26175	5039	CVE-2002-0649	URL:http://www.securityfocus.com/archive/1/archive/1/309096/30/26120/threaded	View
26176	5039	CVE-2002-0649	BUGTRAQ:20030130 RE: MSDE contained in...	View
26177	5039	CVE-2002-0649	URL:http://www.securityfocus.com/archive/1/archive/1/309324/30/26120/threaded	View
26178	5039	CVE-2002-0649	BUGTRAQ:20030201 The Spread of the Sapphire/Slammer SQL Worm	View
26179	5039	CVE-2002-0649	URL:http://www.securityfocus.com/archive/1/archive/1/309776/30/26090/threaded	View
26180	5039	CVE-2002-0649	NTBUGTRAQ:20020725 Microsoft SQL Server 2000 Unauthenticated System Compromise (#NISR25072002)	View
26181	5039	CVE-2002-0649	URL:http://marc.info/?l=ntbugtraq&m=102760479902411&w=2	View
26182	5039	CVE-2002-0649	MS:MS02-039	View
26183	5039	CVE-2002-0649	URL:http://www.microsoft.com/technet/security/bulletin/ms02-039.asp	View
26184	5039	CVE-2002-0649	CERT:CA-2002-22	View
26185	5039	CVE-2002-0649	URL:http://www.cert.org/advisories/CA-2002-22.html	View
26186	5039	CVE-2002-0649	CERT:CA-2003-04	View
26187	5039	CVE-2002-0649	URL:http://www.cert.org/advisories/CA-2003-04.html	View
26188	5039	CVE-2002-0649	CERT-VN:VU#399260	View
26189	5039	CVE-2002-0649	URL:http://www.kb.cert.org/vuls/id/399260	View
26190	5039	CVE-2002-0649	CERT-VN:VU#484891	View
26191	5039	CVE-2002-0649	URL:http://www.kb.cert.org/vuls/id/484891	View
26192	5039	CVE-2002-0649	BID:5310	View
26193	5039	CVE-2002-0649	URL:http://www.securityfocus.com/bid/5310	View
26194	5039	CVE-2002-0649	OVAL:oval:org.mitre.oval:def:1077	View
26195	5039	CVE-2002-0649	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1077	View
26196	5039	CVE-2002-0649	SECUNIA:7945	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
63839	JVNDB-2002-000166	Microsoft SQL Server の Resolution サービスにおけるバッファオーバーフローの脆弱性	Microsoft SQL Server の Resolution サービスにおいて、受信したデータサイズのチェックに不備があり、これを利用した場合に、バッファオーバーフローが発生する脆弱性が存在します。	CVE-2002-0649	5039	7.5		http://jvndb.jvn.jp/ja/contents/2002/JVNDB-2002-000166.html	View

Message	Memory use
Component initialization	1.38 MB
Controller action start	1.48 MB
Controller render start	2.31 MB
View render complete	2.79 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	3.72
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	375.06
Event: Controller.beforeRender	4.48
» Processing toolbar data	4.39
Rendering View	14.38
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	13.27
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.68
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.08
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Http Connection	close
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/5039
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/5039
Remote Port	23104
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	18.188.90.83
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	18.188.90.83
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	18.188.90.83
Unique Id	aCu69MXEAvueKT0DgQOPKQAAAHk
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	18.188.90.83
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	18.188.90.83
Redirect Unique Id	aCu69MXEAvueKT0DgQOPKQAAAHk
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	18.188.90.83
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	18.188.90.83
Redirect Redirect Unique Id	aCu69MXEAvueKT0DgQOPKQAAAHk
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1747696372.7286
Request Time	1747696372

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files