DB: MS-SQL TDS Fragmentation Flood
This signature detects attempts to exploit a known vulnerability in MS-SQL Server. MS-SQL Server 7.0, Service Packs 0 through 3 are vulnerable. Attackers can send a flood of fragmented MS-SQL Tabular Data Stream (TDS) packets to crash the server.
Extended Description
Reportedly Microsoft SQL Server is affected by a remote denial of service vulnerability. This issue is due to a failure of the application to handle irregular network communications. An attacker may leverage this issue to cause the affected server to crash, denying service to legitimate users.
Affected Products
Microsoft sql_server
References
BugTraq: 11265
CVE: CVE-2004-1560
URL: http://www.securitytracker.com/alerts/2004/Sep/1011434.html
Short Name
DB:MS-SQL:TDS-FRAG-FLOOD
Severity
Major
Recommended
False
Recommended Action
Drop
Category
DB
Keywords
CVE-2004-1560 Flood Fragmentation MS-SQL TDS bid:11265
Release Date
10/27/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3725
Port
TCP/1433
False Positive
Unknown
Vendors
Microsoft
CVSS Score
5.0