CVE-2002-0624

Microsoft SQL Server and MSDE 2000 - Buffer Overflow in Password Encryption Function

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-0624. PoCs published by Martin Rakhmanoff.

AI-analyzed exploit summary: The exploit demonstrates a buffer overflow in SQL Server 2000's password encryption procedure by invoking `pwdencrypt` with an excessively long input (353 'A' characters). This triggers an unbounded data copy operation, potentially leading to a denial of service or remote code execution.

Description

Buffer overflow in the password encryption function of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows remote attackers to gain control of the database and execute arbitrary code via SQL Server Authentication, aka "Unchecked Buffer in Password Encryption Procedure."

Exploits (1)

exploitdb WORKING POC VERIFIED
by Martin Rakhmanoff · text · local · windows
https://www.exploit-db.com/exploits/21549

Classification: Working PoC 90%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: Microsoft SQL Server 2000
Auth required
Prerequisites: Access to a SQL Server 2000 instance with sufficient privileges to execute the `pwdencrypt` function
devstral-2 · analyzed Feb 18, 2026

References (3)

Core References
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A291
US Government Resource third-party-advisory x_refsource_cert
http://www.cert.org/advisories/CA-2002-22.html

Scores

EPSS 0.2284
EPSS Percentile 97.4%

Details

Status published
Products (2)
microsoft/msde 2000
microsoft/sql_server 2000
Published Jul 23, 2002
Tracked Since Feb 18, 2026