Alert: Release of MS02-007 Security Bulletin - MS SQL 7.0 and OLE DB providers
From: Russ (Russ.Cooper@RC.ON.CA)Date: 02/21/02
- Previous message: James Barrett: "Windows 2000 SIDHistory Escalation Attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 20 Feb 2002 20:05:51 -0500 From: Russ <Russ.Cooper@RC.ON.CA> To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
http://www.microsoft.com/technet/security/bulletin/MS02-007.asp
Microsoft have released a new security bulletin addressing, seemingly,
the concerns expressed by cesarc56@UOL.COM.AR in NTBugtraq article;
http://ntbugtraq.ntadvice.com/default.asp?pid=36&sid=1&A2=ind0202&L=ntbu
gtraq&F=P&S=&P=7502
(url is wrapped)
On February 19th, 2002. The vulnerability described allows, amongst
other things, arbitrary execution of code. Microsoft assess the patch as
"Moderate" for MS SQL 7.0 SP3 and MS SQL 2000 SP2.
This patch supercedes MS01-060.
Cheers,
Russ - NTBugtraq Editor
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Delivery co-sponsored by Qualys - Make Your Network Secure
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Go Beyond PARTIAL Security: FREE White Paper
Stop hassling with half-baked ENTERPRISE SECURITY.
FREE White Paper shows you how to ensure TOTAL security for your Internet
perimeter with the most current and most complete PROACTIVE Vulnerability
Assessment solution. Get your FREE White Paper now. Click here!
https://www.qualys.com/forms/techwhite_86.html
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
- Previous message: James Barrett: "Windows 2000 SIDHistory Escalation Attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
