Previous Security Advisories

MS Patches SQL Hole

June 13, 2002

It’s a busy day for Microsoft security. Bulletin MS02-030 deals with – you guessed it – an unchecked buffer in SQLXML, which comes with SQL Server 2000. A script-injection vulnerability also exists which can lead to privilege elevation. The issue has been rated as a moderate-risk security hole and the patch should be applied immediately. […]

Microsoft Issues Two SQL Server Updates

June 11, 2002

Two new Microsoft security bulletins today: MS02-034 is a cumulative patch for SQL Server 2000 which fixes three new vulnerabilities as well as all those from earlier updates. Two of these new holes are buffer overruns that can result in remote system compromise; however, only certain server configurations are at risk. SQL Server 7.0 is […]

Remote Overflow in iPlanet Web Server

June 9, 2002

A buffer overflow has been discovered in the search component of Sun’s iPlanet Web Server, which is not activated by default. The unchecked buffer handles the NS-rel-doc-name parameter; remote system compromise is possible. See the advisory for more information. The hole was reported to Sun back in April, but they didn’t patch it till now. […]

« Older Entries   Newer Entries »