Microsoft Security Bulletin MS02-034

Naviga SWZ: Home Page » News
News del 11 Luglio 02 Autore: Steve3000
Cumulative Patch for SQL Server (Q316333) Patch cumulativa per SQL Server 2000 che si adopera per tappare 3 nuove falle localizzate anche nella versione MSDE 2000 (ma non nelle versioni precedenti). Issue: ====== This is a cumulative patch that includes the functionality of all previously released patches for SQL Server 2000. In addition, it eliminates three newly discovered vulnerabilities affecting SQL Server 2000 and MSDE 2000 (but not any previous versions of SQL Server or MSDE): - - A buffer overrun vulnerability in a procedure used to encrypt SQL Server credential information. An attacker who was able to successfully exploit this vulnerability could gain significant control over the database and possibly the server itself depending on the account SQL server runs as. - - A buffer overrun vulnerability in a procedure that relates to the bulk inserting of data in SQL Server tables. An attacker who was able to successfully exploit this vulnerability could gain significant control over the database and possibly the server itself. - - A privilege elevation vulnerability that results because of in- correct permissions on the Registry key that stores the SQL Server service account information. An attacker who was able to success- fully exploit this vulnerability could gain greater privileges on the system than had been granted by the system administrator -- potentially even the same rights as the operating system. Download 8.00.0650_ita.exe now
Inserisci un commento sul forum Commenta la News sul Forum

Voto:

Categoria: Sicurezza

La Community di SWZone.it

La community con le risposte che cerchi ! Partecipa é gratis !
Iscrizione ForumIscriviti al Forum

Newsletter

Vuoi ricevere tutti gli aggiornamenti di SWZone direttamente via mail ?
Iscrizione NewsletterIscriviti alla Newsletter

News Collegate