patches for exploits as referenced in this http://www.antionline.com/showthread...hreadid=221863
AN UPDATE ON:
BUFFER OVERFLOWS IN MS SQL 7 AND 2000
April 18, 2001
Last night, Microsoft released a Security Bulletin
announcing patches for Microsoft's SQL Server 7 and 2000. These
patches fix the multiple SQL Server buffer overflows we reported on
March 14 in our Information Alert
Cesar Cerrudo found 17 buffer overflows in extended stored
procedures that come with SQL Server 7 and 2000. A hacker could
exploit these buffer overflows to either crash your SQL server
or, in the worst case, execute arbitrary code with full system
privileges. For more details on this issue see our original alert.
You can find the patches at the links below, under "References."
Administrators using Microsoft SQL Server 7 or 2000 should download,
test, and install the corresponding patch as soon as possible. As
with any new patch, we recommend you first test it on a spare
machine before implementing the patch in a live environment.
Microsoft Security Bulletin 02-020
Microsoft's SQL Server 7.0 cumulative patch
Microsoft's SQL Server 2000 cumulative patch