[Am-info] MS SQL 2000 resolution service, multiple vulnerabilities
Fred A. Miller
fm@cupserv.org
Fri, 2 Aug 2002 15:49:59 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
MS SQL 2000 resolution service, multiple vulnerabilities
Microsoft released MS02-039 ("MS SQL 2000 resolution service, multiple
vulnerabilities"). The resolution service included with MS SQL Server
2000 contains two remotely exploitable buffer overflows that allow an
attacker to execute arbitrary code under the privileges of the SQL
service account. A remote denial of service vulnerability exists,
as well.
FAQ and patch:
http://www.microsoft.com/technet/security/bulletin/MS02-039.asp
Source: Microsoft (NTBugtraq)
http://archives.neohapsis.com/archives/ntbugtraq/2002-q3/0028.html
- --=20
Fred A. Miller
Systems Administrator
Cornell Univ. Press Services
fm@cupserv.org, www.cupserv.org
- --- SuSE Linux v8.0 Pro, KMail 3.0.1---
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAj1K4mcACgkQB9vk4ichYXeQJwCfa3o8BZhUYG4sCN93bWaHFSa9
zNIAoMInK+T7mJzyISBvCuAtfwDygO4W
=3D/3S9
-----END PGP SIGNATURE-----