CVE-2002-1123

Microsoft SQL Server 2000 and MSDE 2000 - Remote Code Execution via Long TCP Port 1433 Request


Exploitation Summary

EIP tracks 3 public exploits for CVE-2002-1123. PoCs published by Metasploit, Dave Aitel, MC, including Metasploit module exploits/windows/mssql/ms02_056_hello.

AI-analyzed exploit summary: This is a Metasploit module exploiting a buffer overflow in Microsoft SQL Server 2000/MSDE via a malformed packet sent to TCP port 1433, allowing unauthenticated remote code execution with SYSTEM privileges.

Description

Buffer overflow in the authentication function for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows remote attackers to execute arbitrary code via a long request to TCP port 1433, aka the "Hello" overflow.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · remote · windows
https://www.exploit-db.com/exploits/16398

This is a Metasploit module exploiting a buffer overflow in Microsoft SQL Server 2000/MSDE via a malformed packet sent to TCP port 1433, allowing unauthenticated remote code execution with SYSTEM privileges.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Microsoft SQL Server 2000 / MSDE <= SP2
No auth needed
Prerequisites: Network access to TCP port 1433 · Vulnerable version of Microsoft SQL Server 2000 or MSDE
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC VERIFIED
by Dave Aitel · remote · windows
https://www.exploit-db.com/exploits/21693

This NASL script tests for the 'Hello Overflow' vulnerability in Microsoft SQL Server by sending a malformed login request with a long string to trigger a buffer overflow. The exploit targets TCP port 1433 and can potentially allow remote code execution as the SQL Server process.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Microsoft SQL Server
No auth needed
Prerequisites: Network access to TCP port 1433
devstral-2 · analyzed Feb 16, 2026

metasploit WORKING POC GOOD
by MC · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/mssql/ms02_056_hello.rb

This Metasploit module exploits a buffer overflow in Microsoft SQL Server 2000/MSDE via a malformed packet sent to TCP port 1433, allowing unauthenticated remote code execution with SYSTEM privileges. The exploit constructs a crafted payload with specific return addresses to trigger the overflow.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Microsoft SQL Server 2000 / MSDE <= SP2
No auth needed
Prerequisites: Network access to TCP port 1433 on the target · Vulnerable version of Microsoft SQL Server 2000 or MSDE
devstral-2 · analyzed Feb 19, 2026

References (6)

Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://online.securityfocus.com/archive/1/286220
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5411
Third Party Advisory, US Government Resource third-party-advisory government-resource x_refsource_ciac
http://www.ciac.org/ciac/bulletins/n-003.shtml
Vendor Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/9788.php
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=102873609025020&w=2

Scores

EPSS 0.7771
EPSS Percentile 99.5%

Details

Status published
Products (2)
microsoft/data_engine 2000
microsoft/sql_server 2000 (3 CPE variants)
Published Sep 24, 2002
Tracked Since Feb 18, 2026