Cisco Security Advisory

This advisory describes a vulnerability that affects Cisco products and applications incorporating the use of the Microsoft SQL Server 2000 or the Microsoft SQL Server 2000 Desktop Engine (MSDE 2000).A number of vulnerabilities that have been discovered that enable an attacker to execute arbitrary code or perform a denial of service against the server. These vulnerabilities were discovered and publicly announced by Microsoft in their Microsoft Security Bulletins MS02-039, MS02-056, and MS02-061.All Cisco products and applications that are using unpatched Microsoft SQL Server 2000 or MSDE 2000 are vulnerable.