CVE-2003-0230

Description

Microsoft SQL Server 7, 2000, and MSDE allows local users to gain privileges by hijacking a named pipe during the authentication of another user, aka the "Named Pipe Hijacking" vulnerability.

Affected products

• Microsoft / data_engine1.0 – 1.0
• Microsoft / sql_server7.0 – 7.0
• Microsoft / sql_server7.0 – 7.0
• Microsoft / sql_server7.0 – 7.0
• Microsoft / sql_server7.0 – 7.0
• Microsoft / sql_server7.0 – 7.0
• Microsoft / sql_server2000 – 2000
• Microsoft / sql_server2000 – 2000
• Microsoft / sql_server2000 – 2000
• Microsoft / sql_server2000 – 2000
• Microsoft / sql_server2000 – 2000
• Microsoft / sql_server2000 – 2000

References

• MISChttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-031
• MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A235
• MISChttp://www.kb.cert.org/vuls/id/556356