Denial of Service Vulnerability in Microsoft SQL Server 2000's Keep-Alive Mechanism

Denial of Service Vulnerability in Microsoft SQL Server 2000's Keep-Alive Mechanism

CVE-2002-0650 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The keep-alive mechanism for Microsoft SQL Server 2000 allows remote attackers to cause a denial of service (bandwidth consumption) via a "ping" style packet to the Resolution Service (UDP port 1434) with a spoofed IP address of another SQL Server system, which causes the two servers to exchange packets in an infinite loop.

Learn more about our Cis Benchmark Audit For Microsoft Exchange Server.