CVE-2002-0982

Microsoft SQL Server 2000 SP2 - RCE

Title source: llm

Description

Microsoft SQL Server 2000 SP2, when configured as a distributor, allows attackers to execute arbitrary code via the @scriptfile parameter to the sp_MScopyscript stored procedure.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Cesar Cerrudo · textremotewindows

https://www.exploit-db.com/exploits/21651

View Code ZIP pw:eip

References (1)

Core 1

Core References

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=103004505027360&w=2

Scores

EPSS 0.0864

EPSS Percentile 92.5%

Details

Status published

Products (1)

microsoft/sql_server 2000 sp2

Published Sep 24, 2002

Tracked Since Feb 18, 2026