Security Advisories
MS Releases Cumulative SQL Update
August 16, 2002
Microsoft security bulletin MS02-043 features a much-needed cumulative patch for SQL Server 7.0, SQL Server 2000, MSDE 1.0 and MSDE 2000, all of which have been affected by some half a dozen security holes over the past two months. In addition to fixing all vulnerabilities addressed by earlier patches, the update repairs a new security […]
NCM Vulnerability Affects Windows 2000
August 16, 2002
Windows 2000 systems that allow users to interactively log on, such as workstations and terminal servers, are susceptible to a critical vulnerability in the Network Connection Manager. Via a complex exploit scenario, an attacker could use the NCM to execute arbitrary code with full system privileges. Bulletin MS02-042 further explains the security hole, and a […]
XSS in PHPNuke Can Yield Admin Access
August 15, 2002
A cross-site scripting vulnerability in the popular PHPNuke web portal system can allow an attacker to gain administrative access to a web site. The problem lies in the Private Messaging module, which does no filtering of scripts in HTML code. An attacker only needs access to his own web space to upload exploit PHP files. […]
« Older Entries Newer Entries »
