CVSS: 7.5EPSS: 1%CPEs: 10EXPL: 0CVE-2002-1872
https://notcve.org/view.php?id=CVE-2002-1872
31 Dec 2002 — Microsoft SQL Server 6.0 through 2000, with SQL Authentication enabled, uses weak password encryption (XOR), which allows remote attackers to sniff and decrypt the password. • http://online.securityfocus.com/archive/1/298361 • CWE-326: Inadequate Encryption Strength •
CVSS: 10.0EPSS: 58%CPEs: 12EXPL: 0CVE-2002-0224
https://notcve.org/view.php?id=CVE-2002-0224
03 May 2002 — The MSDTC (Microsoft Distributed Transaction Service Coordinator) for Microsoft Windows 2000, Microsoft IIS 5.0 and SQL Server 6.5 through SQL 2000 0.0 allows remote attackers to cause a denial of service (crash or hang) via malformed (random) input. El MSDTC (Microsoft Distributed Transaction Service Coordinator) para MS Windows 2000, MS IIS 5.0 y SQL Server 6.5 a 2000 permite a atacantes remotos causar una denegación de servicio (caída o cuelgue) mediante entradas malformadas (aleatorias). • http://online.securityfocus.com/archive/1/253360 •
CVSS: 7.8EPSS: 2%CPEs: 2EXPL: 0CVE-2000-0485
https://notcve.org/view.php?id=CVE-2000-0485
30 May 2000 — Microsoft SQL Server allows local users to obtain database passwords via the Data Transformation Service (DTS) package Properties dialog, aka the "DTS Password" vulnerability. • http://www.securityfocus.com/archive/1/62771 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1556
https://notcve.org/view.php?id=CVE-1999-1556
29 Jun 1998 — Microsoft SQL Server 6.5 uses weak encryption for the password for the SQLExecutiveCmdExec account and stores it in an accessible portion of the registry, which could allow local users to gain privileges by reading and decrypting the CmdExecAccount value. • http://marc.info/?l=ntbugtraq&m=90222453431645&w=2 •