[Am-info] MS SQL Server OpenDataSource() overflow
Fred A. Miller
fm@cupserv.org
Fri, 28 Jun 2002 16:37:36 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
MS SQL Server OpenDataSource() overflow
MS SQL Server 2000 has been found to contain a buffer overflow in the
handling of the OpenDataSource() SQL function, letting an attacker
capable of running SQL queries execute arbitrary code on the SQL
server system.
This vulnerability has not been confirmed.
Source: VulnWatch
http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0116.html
- --=20
Fred A. Miller
Systems Administrator
Cornell Univ. Press Services
fm@cupserv.org, www.cupserv.org
- --- SuSE Linux v8.0 Pro, Netscape 7.0---
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAj0cyRAACgkQB9vk4ichYXfVxACcC/1EHGxXIfEumyfa6Cll/tMp
UfQAoJ9Bc0C/swaDu4DWCdL7zK2mE2c/
=3D7tLc
-----END PGP SIGNATURE-----