FIX: SQL Server Text Formatting Functions Contain Unchecked Buffers

Article translations Article translations
Article ID: 304851 - View products that this article applies to.
This article was previously published under Q304851
This article has been archived. It is offered "as is" and will no longer be updated.
BUG #: 101942 (SQLBUG_70)
Expand all | Collapse all

SYMPTOMS

SQL Server 7.0 provides a number of functions that enable database queries to generate text messages. In some cases, the functions create a text message and store it in a variable; in others, the functions directly display the message. A vulnerability has been discovered with these functions.

Use of an invalid format type character may allow SQL Server to overwrite an internal buffer that may overwrite an address in the SQL Server process space with arbitrary data. If SQL Server overwrites an address in the SQL Server process space with arbitrary data, SQL Server may potentially allow you to execute arbitrary code within SQL Server or the SQL Server process may abnormally terminate.

For additional information about this security fix, refer to the following Web address:

Microsoft Security Bulletin MS01-060

CAUSE

The SQL Server parser incorrectly allows you to use an invalid type character with some text functions.

RESOLUTION

To resolve this problem, obtain the latest service pack for Microsoft SQL Server 7.0. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
301511 INF: How to Obtain the Latest SQL Server 7.0 Service Pack
NOTE: The following hotfix was created prior to Microsoft SQL Server 7.0 Service Pack 4.

Microsoft recommends that you apply this hotfix to your SQL Server 7.0 installation. SQL Server 7.0 Service Pack 3 is required to apply this fix.

For more information about how to obtain SQL Server 7.0 Service Pack 3, please see the following article in the Microsoft Knowledge Base:
274799 How to Obtain Service Pack 3 for Microsoft SQL Server 7.0

NOTE: SQL Server 7 (7.00.1020), or later, already contains the fix; therefore, you do not need to apply the hotfix if you are using SQL Server 7 (7.00.1020) or later.

The following file is available for download from the Microsoft Download Center:
SQL70-KB815495-v7.00.1094-ENU.exe
Release Date: JAN-24-2002

For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 How To Obtain Microsoft Support Files from Online Services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file.
To ensure that you have properly installed the fix, run the following command from Query Analyzer or from OSQL the command prompt:

"SELECT @@VERSION" (without the quotation marks)


Depending on your platform, the result you receive is either:

  • "Microsoft SQL Server 7.00 - 7.00.1020 (Intel X86)" or greater.

    -or-
  • "Microsoft SQL Server 7.0 - 7.00.1020 (Alpha)" or greater

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. This problem was first corrected in Microsoft SQL Server 7.0 Service Pack 4.

Properties

Article ID: 304851 - Last Review: October 24, 2013 - Revision: 3.2
APPLIES TO
  • Microsoft SQL Server 7.0 Standard Edition
Keywords: 
kbnosurvey kbarchive kbdownload kbbug kbfix KB304851

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com