Intrusion Prevention

MS.SQL.Server.UDP.Single.Byte.Ping

Description

This indicates an attack attempt to exploit a denial of service (DoS) vulnerability in Microsoft SQL Server.
The vulnerability is caused by an error that occurs when the vulnerable
software handles a malicious ping packet. A remote attacker may exploit this to
crash the vulnerable software by sending a crafted ping packet to port 1434.

Affected Products

Microsoft SQL Server 2000 SP2
Microsoft SQL Server 2000 SP1
Microsoft SQL Server 2000

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Apply patch, available from the website:
http://www.microsoft.com/technet/security/bulletin/ms02-039.mspx

CVE References

CVE-2002-0650