SERVER-MSSQL -- Snort has detected traffic exploiting vulnerabilities in Microsoft SQL Server servers.
SERVER-MSSQL sp_oacreate unicode vulnerable function attempt
This event is generated when an attempt is made to exploit a known vulnerability in Microsoft systems using Microsoft SQL Server. Impact: Serious. Denial of Service. Code execution may be possible. Details: Microsoft SQL Server is a database platform for use on hosts using the Microsoft Windows operating system. A vulnerability in the handling of functions available through the Extended Stored Procedures API may allow an attacker to overflow a fixed length buffer and execute code of their choosing on an affected host. A DoS condition may also result due to the server failing to handle a memory copy routine properly which may cause the server to crash. In particular this rule generates an event when an attempt is made to exploit the function "MS-SQL/SMB sp_oacreate". Ease of Attack: Simple. Exploit code exists.
No information provided
No public information
No known false positives
Cisco Talos Brian Caswell Nigel Houghton
No rule groups
None
No information provided
None