The remote MS SQL server is vulnerable to the Hello overflow. An attacker may use this flaw to execute commands against the remote host as LOCAL/SYSTEM, as well as read your database content. *** This alert might be a false positive.
Install Microsoft Patch Q316333 at http://support.microsoft.com/default.aspx?scid=kb en-us Q316333&sd=tech or disable the Microsoft SQL Server service or use a firewall to protect the MS SQL port (1433).
- Computer Associates WebScan ActiveX Control Multiple Remote Code Execution Vulnerabilities
- Microsoft Autorun Arbitrary Code Execution Vulnerability (08-038)
- WS_FTP client weak stored password
- Microsoft Office Excel 2003 Invalid Object Type Remote Code Execution Vulnerability
- Microsoft Windows2k3 Active Directory 'BROWSER ELECTION' Buffer Overflow Vulnerability