This host has Microsoft SQL Server, which is prone to Privilege Escalation Vulnerabilities.

Successful exploitation allows remote attackers to execute arbitrary code, with a crafted SQL expression or Exposure of sensitive information or Privilege escalation. Impact Level: System

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link. http://www.microsoft.com/technet/security/bulletin/ms08-040.mspx

The flaws are due to - error when initializing memory pages, while reallocating memory. - buffer overflow error in the convert function, while handling malformed input strings. - memory corruption error, while handling malformed data structures in on-disk files. - buffer overflow error, while processing malformed insert statements.

Microsoft SQL Server 2000 Service Pack 4 Microsoft SQL Server 2005 Service Pack 2 Microsoft SQL Server 2005 Edition Service Pack 2 Microsoft SQL Server 2005 Express Edition Service Pack 2 Microsoft SQL Server 2005 Express Edition with Advanced Services Service Pack 2

• http://secunia.com/advisories/30970
• http://www.frsirt.com/english/advisories/2008/2022
• http://www.microsoft.com/technet/security/bulletin/ms08-040.mspx

---

Updated on 2015-03-25