Cumulative Patch for Microsoft SQL Server
New
Microsoft has released a cumulative patch for Microsoft SQL Server 7.0 and 2000 which includes all previously released patches and eliminates three newly discovered vulnerabilities.
Microsoft has released a cumulative patch for Microsoft SQL Server 7.0 and 2000 which includes all previously released patches and eliminates three newly discovered vulnerabilities.
Elevation of Privilege in SQL Server Web Tasks
New
Microsoft has released a cumulative patch that includes the functionality of all previously released patches for SQL Server 7.0 and 2000. In addition, it eliminates one newly discovered vulnerability.
Microsoft has released a cumulative patch that includes the functionality of all previously released patches for SQL Server 7.0 and 2000. In addition, it eliminates one newly discovered vulnerability.
Cumulative Patch for SQL Server
New
Microsoft has released a cumulative patch that includes the functionality of all previously released patches for SQL Server 7.0 and SQL Server 2000. In addition, it eliminates a newly discovered vulnerability.
Microsoft has released a cumulative patch that includes the functionality of all previously released patches for SQL Server 7.0 and SQL Server 2000. In addition, it eliminates a newly discovered vulnerability.
Unchecked Buffer in Data Access Components
New
A security vulnerability exists in the Microsoft Data Access Components (MDAC) which could allow an attacker to run code of their choice on a SQL Server by exploiting a buffer overrun.
A security vulnerability exists in the Microsoft Data Access Components (MDAC) which could allow an attacker to run code of their choice on a SQL Server by exploiting a buffer overrun.
Buffer Overruns in SQL Server 2000 Resolution Service
New
Several buffer overrun vulnerabilities exist in the SQL Server resolution service which may allow an attacker to send a carefully crafted packet and run code in the security context of the SQL Server service.
Several buffer overrun vulnerabilities exist in the SQL Server resolution service which may allow an attacker to send a carefully crafted packet and run code in the security context of the SQL Server service.
Unchecked Buffer in SQL Server 2000 Utilities
New
A security vulnerability exists in in several Database Consistency Checkers (DBCCs) shipped with SQL Server 2000 which may allow a remote attacker to take complete control over all databases on the server.
A security vulnerability exists in in several Database Consistency Checkers (DBCCs) shipped with SQL Server 2000 which may allow a remote attacker to take complete control over all databases on the server.
SQL Server Installation May Leave Passwords
New
A security vulnerability exists in the SQL Server installation process which may cause passwords to be left on system and allow an attacker to recover sensitive passwords.
A security vulnerability exists in the SQL Server installation process which may cause passwords to be left on system and allow an attacker to recover sensitive passwords.
Cumulative Patch for SQL Server
New
Microsoft has released a cumulative patch for SQL server that includes the functionality of all previously released patches and in addition eliminates three newly discovered vulnerabilities.
Microsoft has released a cumulative patch for SQL server that includes the functionality of all previously released patches and in addition eliminates three newly discovered vulnerabilities.
Unchecked Buffer in SQLXML Could Lead to Code Execution
New
A security flaw exists in Microsoft SQLXML, which ships as part of SQL Server 2000, may allow a malicious remote user to gain elevated privileges or to run code of their choice on the Microsoft Internet Information Services (IIS) Server.
A security flaw exists in Microsoft SQLXML, which ships as part of SQL Server 2000, may allow a malicious remote user to gain elevated privileges or to run code of their choice on the Microsoft Internet Information Services (IIS) Server.
SQL Extended Procedure Functions Contain Unchecked Buffers
New
A security vulnerability exists in Microsoft SQL Server which may allow a local or remote attacker to run code of their choice on the affected system.
A security vulnerability exists in Microsoft SQL Server which may allow a local or remote attacker to run code of their choice on the affected system.
SQL Server Remote Data Source Function Contain Unchecked Buffers
New
An unchecked buffer exists in the handling of OLE DB provider names in ad hoc connections when using Microsoft SQL Server 7.0 or 2000. This vulnerability could allow an attacker to run the code of their choice on the server.
An unchecked buffer exists in the handling of OLE DB provider names in ad hoc connections when using Microsoft SQL Server 7.0 or 2000. This vulnerability could allow an attacker to run the code of their choice on the server.
SQL Server Functions Contain Unchecked Buffers
New
A security vulnerability exists in Microsoft SQL Server 7.0 and 2000 which could a allow a malicious to run code of their choice on an affected system.
A security vulnerability exists in Microsoft SQL Server 7.0 and 2000 which could a allow a malicious to run code of their choice on an affected system.
SQL Query Method Enables Cached Administrator Connection to be Reused
New
A security flaw exists in Microsoft SQL Server which may allow a user to execute a query with 'sa' users rights due to an exisiting cached connection.
A security flaw exists in Microsoft SQL Server which may allow a user to execute a query with 'sa' users rights due to an exisiting cached connection.
Extended Stored Procedure Parameter Parsing Vulnerability
A security vulnerability exists in Microsoft® SQL Server and Microsoft SQL Server Desktop Engine (MSDE) which could enable a malicious user to run code on the server.
A security vulnerability exists in Microsoft® SQL Server and Microsoft SQL Server Desktop Engine (MSDE) which could enable a malicious user to run code on the server.
Stored Procedure Permissions Vulnerability
A security vulnerability exists in Microsoft® SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0 which could allow a malicious user to run a database stored procedure without proper permissions.
A security vulnerability exists in Microsoft® SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0 which could allow a malicious user to run a database stored procedure without proper permissions.
DTS Password Vulnerability
A security vulnerability exists in a component that ships with Microsoft® SQL Server 7.0. If the component is configured improperly, the vulnerability could allow passwords to be compromised.
A security vulnerability exists in a component that ships with Microsoft® SQL Server 7.0. If the component is configured improperly, the vulnerability could allow passwords to be compromised.
SQL Server 7.0 Service Pack Password Vulnerability
A security vulnerability exists in the Microsoft® SQL Server® 7.0 Service Packs 1 and 2 installation routine. When run on a machine that is configured in a non-recommended mode, the routines record the administrator password in a log file, where it could be read by any user who could log onto the server at the keyboard.
A security vulnerability exists in the Microsoft® SQL Server® 7.0 Service Packs 1 and 2 installation routine. When run on a machine that is configured in a non-recommended mode, the routines record the administrator password in a log file, where it could be read by any user who could log onto the server at the keyboard.
SQL Query Abuse Vulnerability
A security vulnerability exists in Microsoft® SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0 which could allow the remote author of a malicious SQL query to take unauthorized actions on a SQL Server or MSDE database or on the underlying system that was hosting the SQL Server or MSDE database.
A security vulnerability exists in Microsoft® SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0 which could allow the remote author of a malicious SQL query to take unauthorized actions on a SQL Server or MSDE database or on the underlying system that was hosting the SQL Server or MSDE database.
Malformed TDS Packet Header Vulnerability
A security vulnerability exists in Microsoft® SQL Server™ 7.0. The vulnerability could cause a SQL server to crash due to a specially-malformed TDS packet.
A security vulnerability exists in Microsoft® SQL Server™ 7.0. The vulnerability could cause a SQL server to crash due to a specially-malformed TDS packet.
 |
 |
|
More Guides » | Registry Guide | Support Forums | Software Guide | Scripting Guide | Search |  | |
