Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
SQL injection vulnerability in stored procedures for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 may allow authenticated users to execute arbitrary commands.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft SQL Server 2000复制存储过程远程可插入漏洞(MS02-038)
Vulnerability Description
Microsoft SQL Server 2000是一款由Microsoft公司开发的商业性质大型数据库系统。 Microsoft SQL Server中的用于复制的存储过程Sp_MScopyscriptfile对用户提交的参数缺少正确的过滤,远程攻击者可以利用这个漏洞以SQL Server Agent Proxy帐户权限在系统上执行任意命令。 Sp_MScopyscriptfile存储过程可以在SQL服务器复制目录中建立目录,然后拷贝脚本到此木中,这个存储过程包含@scriptfile输入参数,用于要拷
CVSS Information
N/A
Vulnerability Type
N/A