To compliment http://online.securityfocus.com/archive/1/284382/2002-07-20/2002-07-26/0 there also exists another two bufferoverruns. Although not documented on MS they are fixed in http://download.microsoft.com/download/SQLSVR2000/Patch/8.00.0667/W98NT4 2KMeXP/EN-US/8.00.0667_enu.exe 1) DBCC buffer(master, long string) 2) DBCC DBCC procbuf(master,'longstring',1,0) Regards Cheers, Mark Litchfield NGS Software Ltd http://www.ngssoftware.com/ Tel: +44 208 40 100 70 (London) Tel: +44 1241 431 267 Mobile: +44 790 069 5236 Email: mark@ngssoftware.com