Vulnerability Details : CVE-2000-1209
Public exploit exists!
The "sa" account is installed with a default null password on (1) Microsoft SQL Server 2000, (2) SQL Server 7.0, and (3) Data Engine (MSDE) 1.0, including third-party packages that use these products such as (4) Tumbleweed Secure Mail (MMS), (5) Compaq Insight Manager, and (6) Visio 2000, which allows remote attackers to gain privileges, as exploited by worms such as Voyager Alpha Force and Spida.
Exploit prediction scoring system (EPSS) score for CVE-2000-1209
Probability of exploitation activity in the next 30 days: 95.73%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 99 %
Metasploit modules for CVE-2000-1209
- Microsoft SQL Server Payload Execution via SQL Injection
  Disclosure Date: 2000-05-30
  First seen: 2020-04-26
  Module: exploit/windows/mssql/mssql_payload_sqli
  This module will execute an arbitrary payload on a Microsoft SQL Server, using a SQL injection vulnerability. Once a vulnerability is identified this module will use xp_cmdshell to upload and execute Metasploit payloads. It is necessary to specify the exac
- Microsoft SQL Server Payload Execution
  Disclosure Date: 2000-05-30
  First seen: 2020-04-26
  Module: exploit/windows/mssql/mssql_payload
  This module executes an arbitrary payload on a Microsoft SQL Server by using the "xp_cmdshell" stored procedure. Currently, three delivery methods are supported. First, the original method uses Windows 'debug.com'. File size restrictions are avoided by incorporati
CVSS scores for CVE-2000-1209
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
10.0 | HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C | 10.0 | 10.0 | NIST |
References for CVE-2000-1209
- http://www.securityfocus.com/bid/4797 (Microsoft MSDE/SQL Server 2000 Desktop Engine Default Configuration Vulnerability)
- http://online.securityfocus.com/archive/1/273639
- http://www.microsoft.com/security/security_bulletins/ms02020_sql.asp
- http://support.microsoft.com/default.aspx?scid=kb;[LN];Q313418
- http://www.kb.cert.org/vuls/id/635463 (Patch; Third Party Advisory; US Government Resource)
- http://marc.info/?l=bugtraq&m=96644570412692&w=2
- http://www.iss.net/security_center/static/1459.php (Patch; Vendor Advisory)
- http://marc.info/?l=bugtraq&m=96333895000350&w=2
- http://marc.info/?l=bugtraq&m=96593218804850&w=2
- http://support.microsoft.com/default.aspx?scid=kb;EN-US;q321081
- http://security-archive.merton.ox.ac.uk/bugtraq-200008/0233.html
Products affected by CVE-2000-1209
- cpe:2.3:a:microsoft:data_engine:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:msde:2000:*:*:*:*:*:*:*
- cpe:2.3:a:compaq:insight_manager_xe:2.1b:*:*:*:*:*:*:*
- cpe:2.3:a:compaq:insight_manager_xe:2.1c:*:*:*:*:*:*:*
- cpe:2.3:a:compaq:insight_manager_xe:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:compaq:insight_manager_xe:1.21:*:*:*:*:*:*:*
- cpe:2.3:a:compaq:insight_manager_xe:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:compaq:insight_manager_xe:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:compaq:insight_manager:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:compaq:insight_manager:7.0:sp1:*:*:*:*:*:*