[Am-info] MS02-020: SQL extended procedure overflows
Fred A. Miller
fm@cupserv.org
Fri, 26 Apr 2002 16:08:45 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
MS02-020: SQL extended procedure overflows
Microsoft released MS02-020 ("SQL extended procedure overflows"). SQL
server 7.0 and 2000 contain buffer overflows in various extended
procedures, thereby allowing an attacker who can submit queries to
the database to execute arbitrary code on the SQL server.
FAQ and patch:
http://www.microsoft.com/technet/security/bulletin/MS02-020.asp
Source: Microsoft
http://archives.neohapsis.com/archives/vendor/2002-q2/0013.html
- --=20
Fred A. Miller
Systems Administrator
Cornell Univ. Press Services
fm@cupserv.org, www.cupserv.org
- --- SuSE Linux v8.0 Pro---
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAjzJs80ACgkQB9vk4ichYXcw/ACfe2xC6ekXuE/RzcQk/5fvl/Nx
uOgAn2ggC74vKV0a66wPnF5BFuN4imdU
=3DoADv
-----END PGP SIGNATURE-----