[VIM] duplicative CVE numbers on MS SQL vuln?

Steven M. Christey coley at linus.mitre.org
Tue Dec 30 18:45:00 UTC 2008 

On Mon, 22 Dec 2008, Stuart Moore wrote:

> Hi.  Anyone know if today's CVE-2008-4270 (Microsoft SQL Server) is the
> same as the previously reported CVE-2008-5416 (Microsoft SQL Server, as
> disclosed by SEC Consult)?

Microsoft just confirmed that these are the same.  We'll be using
CVE-2008-5416 instead of the Microsoft-assigned CVE-2008-4270.

- Steve

======================================================
Name: CVE-2008-4270
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4270

** REJECT **

DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-2008-5416.  Reason:
This candidate is a duplicate of CVE-2008-5416.  Notes: All CVE users
should reference CVE-2008-5416 instead of this candidate.  All
references and descriptions in this candidate have been removed to
prevent accidental usage.


======================================================
Name: CVE-2008-5416
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5416
Reference: BUGTRAQ:20081209 SEC Consult SA-20081109-0 :: Microsoft SQL Server 2000 sp_replwritetovarbin limited memory overwrite vulnerability
Reference: URL:http://www.securityfocus.com/archive/1/archive/1/499042/100/0/threaded
Reference: MISC:http://www.sec-consult.com/files/20081209_mssql-2000-sp_replwritetovarbin_memwrite.txt
Reference: CONFIRM:http://www.microsoft.com/technet/security/advisory/961040.mspx
Reference: BID:32710
Reference: URL:http://www.securityfocus.com/bid/32710
Reference: FRSIRT:ADV-2008-3380
Reference: URL:http://www.frsirt.com/english/advisories/2008/3380
Reference: SECTRACK:1021363
Reference: URL:http://securitytracker.com/id?1021363
Reference: SECTRACK:1021490
Reference: URL:http://securitytracker.com/id?1021490
Reference: SECUNIA:33034
Reference: URL:http://secunia.com/advisories/33034

Heap-based buffer overflow in Microsoft SQL Server 2000 8.00.2050,
8.00.2039, and earlier allows remote authenticated users to cause a
denial of service (access violation exception) or execute arbitrary
code by calling the sp_replwritetovarbin extended stored procedure
with a set of crafted parameters that trigger memory overwrite.  NOTE:
it was later reported that SQL Server 2005 9.00.1399.06 is also
vulnerable.

More information about the VIM mailing list