The remote MS SQL server is vulnerable to the Hello overflow. An attacker may use this flaw to execute commands against the remote host as LOCAL/SYSTEM, as well as read your database content. *** This alert might be a false positive.

Install Microsoft Patch Q316333 at http://support.microsoft.com/default.aspx?scid=kb en-us Q316333&sd=tech or disable the Microsoft SQL Server service or use a firewall to protect the MS SQL port (1433).