Search:Vulnerability:17.10.2002 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Multiple bugs in Microsoft SQL Server (multiple bugs)
updated since 21.02.2002
Published: 17.10.2002
Source: MICROSOFT
SecurityVulns ID: 1803
Type: local
Level: 6/10
Description: Buffer overflows in OpenDataSource, OPENROWSET, pwdencrypt and xp_dirtree. Weak registry permissions, weak password enbcryption.

Affected: MICROSOFT : SQL Server 7.0
MICROSOFT : SQL Server 2000

Original document David Litchfield, Microsoft SQL Server Webtasks privilege upgrade (#NISR17102002) (17.10.2002)

MICROSOFT, Microsoft Security Bulletin MS02-061: Elevation of Privilege in SQL Server Web Tasks (Q316333) (17.10.2002)

MICROSOFT, Security Bulletin MS02-056: Cumulative Patch for SQL Server (Q316333) (03.10.2002)

document NGSSoftware Insight Security Research, Microsoft SQL Server Stored procedures [sp_MSSetServerPropertiesn and sp_MSsetalertinfo] (#NISR03092002A) (03.09.2002)

David Litchfield, Arbitrary Command Execution on Distributor SQL Server 2000 machines (#NISR22002002A) (23.08.2002)

document Mark Litchfield, More DBCC overruns SQL SEVER 2000 (22.08.2002)

David Litchfield, Microsoft SQL Server Agent Jobs Vulnerabilities (#NISR15002002B) (16.08.2002)

David Litchfield, Microsoft SQL Server Extended Stored Procdure privilege upgrade vulnerabilities (#NISR15002002A) (16.08.2002)

document MICROSOFT, Security Bulletin MS02-043: Cumulative Patch for SQL Server (Q316333) (16.08.2002)

NGSSoftware Insight Security Research, Microsoft SQL Server 2000,7 OpenRowSet Buffer Overflow vulnerability (#NISR02072002) (05.08.2002)

MICROSOFT, Security Bulletin MS02-040: Unchecked Buffer in MDAC Function Could Enable SQL Server Compromise (Q326573) (03.08.2002)

document c c, SQL Server 2000 Buffer Overflows and SQL Inyection vulnerabilities. (26.07.2002)

NGSSoftware Insight Security Research, Microsoft SQL Server 2000 Unauthenticated System Compromise (#NISR25072002) (25.07.2002)

MICROSOFT, Security Bulletin MS02-038: Cumulative Patch for SQL Server 2000 Service Pack 2 (Q316333) (25.07.2002)

document MICROSOFT, Security Bulletin MS02-039: Buffer Overruns in SQL Server 2000 Resolution Service Could Enable Code Execution (Q323875) (25.07.2002)

c c, SQL Server 7 & 2000 Installation process and Service Packs write encoded passwords to a file (11.07.2002)

NGSSoftware Insight Security Research, Microsoft SQL Server 2000 'BULK INSERT' Buffer Overflow (#NISR11072002) (11.07.2002)

document MICROSOFT, Security Bulletin MS02-035: SQL Server Installation Process May Leave Passwords on System (Q263968) (11.07.2002)

MICROSOFT, Security Bulletin MS02-034: Cumulative Patch for SQL Server (Q316333) (11.07.2002)

NGSSoftware Insight Security Research, Microsoft SQL Server 2000 OpenDataSource Buffer Overflow (#NISR19062002) (20.06.2002)

document martin rakhmanoff, Microsoft SQL Server 2000 pwdencrypt() buffer overflow (14.06.2002)

MICROSOFT, Security Bulletin MS02-020:SQL Extended Procedure Functions Contain Unchecked Buffers (Q319507) (18.04.2002)

c c, Many, many, many Sql Server 7 & 2000 Buffer Overflows (13.03.2002)

document c c, Another Sql Server 7 Buffer Overflow (05.03.2002)

MICROSOFT, Security Bulletin MS02-007 (21.02.2002)

Files: MS SQL Server Hello Overflow NASL script
MSDE,Sql Server 7 & 2000 Adhoc Heterogenous Queries Buffer Overflow and DOS
Discuss: Read or add your comments to this news (0 comments)

File deletion via Windows XP Help Center
updated since 16.08.2002
Published: 17.10.2002
Source: BUGTRAQ
SecurityVulns ID: 2231
Type: client
Level: 6/10
Description: By usgin hcp:// URL it's possible to remove file sustem objects.

Affected: MICROSOFT : Windows XP

Original document MICROSOFT, Security Bulletin MS02-060: Flaw in Windows XP Help and Support Center Could Enable File Deletion (Q328940) (17.10.2002)

Shane Hird, Delete arbitrary files using Help and Support Center [MSRC 1198dg] (16.08.2002)

Discuss: Read or add your comments to this news (0 comments)

Microsoft Office information leakage
Published: 17.10.2002
Source: MICROSOFT
SecurityVulns ID: 2356
Type: local
Level: 4/10

Affected: MICROSOFT : Office 2000
MICROSOFT : Office XP

Original document MICROSOFT, Microsoft Security Bulletin MS02-059: Flaw in Word Fields and Excel External Updates Could Lead to Information Disclosure (Q330008) (17.10.2002)

Discuss: Read or add your comments to this news (0 comments)

Multiple bugs in Apache utilities
Published: 17.10.2002
Source: BUGTRAQ
SecurityVulns ID: 2355
Type: local
Level: 5/10
Description: Buffer overflow, symbolic links, etc.

Affected: APACHE : Apache 1.3

Original document David Wagner, Apache 1.3.26 (17.10.2002)

Discuss: Read or add your comments to this news (0 comments)

Cisco Catalist HTTP buffer overflow
Published: 17.10.2002
Source: BUGTRAQ
SecurityVulns ID: 2357
Type: remote
Level: 5/10
Description: Buffer overflow in HTTP interface on oversized query.

Affected: CISCO : CatOS 5.5
CISCO : CatOS 6.3
CISCO : CatOS 7.3
CISCO : CatOS 7.4

Original document CISCO, Cisco Security Advisory: Cisco CatOS Embedded HTTP Server Buffer Overflow (17.10.2002)

Discuss: Read or add your comments to this news (0 comments)

ZoneAlarm synflood/udpflood DoS
updated since 17.10.2002
Published: 03.09.2003
Source: BUGTRAQ
SecurityVulns ID: 2354
Type: remote
Level: 5/10

Affected: ZONELABS : ZoneAlarm 3.0
ZONELABS : ZoneAlarm 3.1
ZONELABS : ZoneAlarm 3.7

Original document _6mO_HaCk, ZoneAlarm remote Denial Of Service exploit (03.09.2003)

Abraham Lincoln, NSSI-2002-zonealarm3: ZoneAlarm Pro Denial of Service Vulnerability (17.10.2002)

Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin