CVSS: 7.5EPSS: 1%CPEs: 10EXPL: 0CVE-2002-1872
https://notcve.org/view.php?id=CVE-2002-1872
Microsoft SQL Server 6.0 through 2000, with SQL Authentication enabled, uses weak password encryption (XOR), which allows remote attackers to sniff and decrypt the password. • http://online.securityfocus.com/archive/1/298361 http://www.iss.net/security_center/static/10542.php http://www.nextgenss.com/papers/tp-SQL2000.pdf http://www.securityfocus.com/bid/6097 • CWE-326: Inadequate Encryption Strength •
CVSS: 5.0EPSS: 6%CPEs: 12EXPL: 0CVE-2002-0224
https://notcve.org/view.php?id=CVE-2002-0224
The MSDTC (Microsoft Distributed Transaction Service Coordinator) for Microsoft Windows 2000, Microsoft IIS 5.0 and SQL Server 6.5 through SQL 2000 0.0 allows remote attackers to cause a denial of service (crash or hang) via malformed (random) input. El MSDTC (Microsoft Distributed Transaction Service Coordinator) para MS Windows 2000, MS IIS 5.0 y SQL Server 6.5 a 2000 permite a atacantes remotos causar una denegación de servicio (caída o cuelgue) mediante entradas malformadas (aleatorias). • http://online.securityfocus.com/archive/1/253360 http://online.securityfocus.com/archive/1/268593 http://www.iss.net/security_center/static/8046.php http://www.securityfocus.com/bid/4006 •
CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 0CVE-2000-0485
https://notcve.org/view.php?id=CVE-2000-0485
Microsoft SQL Server allows local users to obtain database passwords via the Data Transformation Service (DTS) package Properties dialog, aka the "DTS Password" vulnerability. • http://www.securityfocus.com/archive/1/62771 http://www.securityfocus.com/bid/1292 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-041 https://exchange.xforce.ibmcloud.com/vulnerabilities/4582 •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1556
https://notcve.org/view.php?id=CVE-1999-1556
Microsoft SQL Server 6.5 uses weak encryption for the password for the SQLExecutiveCmdExec account and stores it in an accessible portion of the registry, which could allow local users to gain privileges by reading and decrypting the CmdExecAccount value. • http://marc.info/?l=ntbugtraq&m=90222453431645&w=2 http://www.securityfocus.com/bid/109 https://exchange.xforce.ibmcloud.com/vulnerabilities/7354 •