Security Advisories
Microsoft Issues IIS & RAS Security Alerts
June 16, 2002
Two more MS security advisories have been issued for today. The first and most critical: a buffer overflow has been discovered in Microsoft IIS web servers – this time in the ISAPI extension that handles HTR scripting. On IIS 4.0 an attacker would be able to gain complete control of the server, while 5.0’s HTR […]
MS Patches SQL Hole
June 13, 2002
It’s a busy day for Microsoft security. Bulletin MS02-030 deals with – you guessed it – an unchecked buffer in SQLXML, which comes with SQL Server 2000. A script-injection vulnerability also exists which can lead to privilege elevation. The issue has been rated as a moderate-risk security hole and the patch should be applied immediately. […]
Microsoft Issues Two SQL Server Updates
June 11, 2002
Two new Microsoft security bulletins today: MS02-034 is a cumulative patch for SQL Server 2000 which fixes three new vulnerabilities as well as all those from earlier updates. Two of these new holes are buffer overruns that can result in remote system compromise; however, only certain server configurations are at risk. SQL Server 7.0 is […]
« Older Entries Newer Entries »
