Microsoft Security Bulletin (MS00-035) - Patch Available for "SQL Server 7.0 Service Pack Password" vulnerability. Microsoft has released a patch for a security vulnerability in Microsoft SQL Server 7.0 Service Packs 1 and 2 installation routine. With some configurations, the routines record the administrator password in plain text to a log file, where by default it can be read by anyone who can read files on the server. Microsoft FAQ on this issue available here
feb39363e4c4679149374ad9863858d555f192a8400d62b6ce7e2f4b909afa2cMicrosoft Security Bulletin MS03-051 - This bulletin addresses two new security vulnerabilities in Microsoft FrontPage Server Extensions, the most serious of which could enable an attacker to run arbitrary code on a user's system. The first vulnerability exists because of a buffer overrun in the remote debug functionality of FrontPage Server Extensions. The second vulnerability is a Denial of Service vulnerability that exists in the SmartHTML interpreter.
a64a5bca634bcd946c38df1abd14ced1ff623dc64459d7b7e57a6a36c3f219f5Microsoft Security Bulletin MS03-050 - A security vulnerability exists in Microsoft Excel that could allow malicious code execution. This vulnerability exists because of the method Excel uses to check the spreadsheet before reading the macro instructions. If successfully exploited, an attacker could craft a malicious file that could bypass the macro security model. Another security vulnerability exists in Microsoft Word that could allow malicious code execution. This vulnerability exists due to to the way Word checks the length of a data value (Macro names) embedded in a document. If a specially crafted document were to be opened it could overflow a data value in Word and allow arbitrary code to be executed.
2e65329c134cc1472436bf1dfa5a13a48429afbcc0aa286c1a69fd0eec83e2c5Microsoft Security Bulletin MS03-049 - A security vulnerability exists in the Workstation service that could allow remote code execution on an affected system. This vulnerability results because of an unchecked buffer in the Workstation service. If exploited, an attacker could gain System privileges on an affected system, or could cause the Workstation service to fail. An attacker could take any action on the system, including installing programs, viewing data, changing data, or deleting data, or creating new accounts with full privileges.
2ebf3e9a6635c0389c71cb5892f6c16f50e7ee7d9b2ac16950fd17ef4028aea8Microsoft Security Bulletin MS03-048 - A cumulative update patch has been released for Internet Explorer that includes the functionality of all the previously-released updates for Internet Explorer 5.01, Internet Explorer 5.5, and Internet Explorer 6.0. Additionally, it eliminates the following five newly-discovered vulnerabilities.
dfc29d27adae94c6b106aaaf9545a35d4b5a7adc9870d2ce88bb70b85d0bef8cMicrosoft Security Advisory MS03-045 - An attacker who had the ability to log on to a system interactively could run a program that could send a specially-crafted Windows message to any applications that have implemented the ListBox control or the ComboBox control, causing the application to take any action an attacker specified. This could give an attacker complete control over the system by using Utility Manager in Windows 2000.
3e04277031dbf6e921a7be196d8aa8db1e8dd4091520cec139a0bc50d571abbdMicrosoft Security Advisory MS03-047 - Microsoft Exchange Server 5.5, Service Pack 4, suffers from a cross site scripting attack due to the way Outlook Web Access (OWA) performs HTML encoding in the Compose New Message form.
643e2eb1f2bd8cf2e8d911578d71880652aaaa6792f3f3d48d274526d86d308bMicrosoft Security Advisory MS03-046 - A denial of service condition exists in Exchange Server 5.5 that can be exploited by a remote attacker and Exchange 2000 Server suffers the same denial of service and a buffer overrun that can result in an attacker running malicious programs.
a4bd78fe81913c5ffb36cde25380d71fa9f5143f19724c585b5983d3ddab8b04Microsoft Security Advisory MS03-007 - A critical buffer overflow vulnerability in Windows 2000's WebDAV protocol allows remote code execution via IIS as the LocalSystem user. This vulnerability is being exploited in the wild. URLScan, a part of the IIS Lockdown Tool, will block this attack.
228598fd496fa3d0bbdf98a8f5094d8923d56e083bc7b109b4eca59861da6d9dMicrosoft Security Advisory MS02-071 Version 2.0 - The Windows message WM_TIMER allows local users to execute code with LocalSystem privileges, giving the attacker complete control over the system.
00eb8126d183ba4ca4e54a096a5e82c52b2c665d7641910e0cf9d5577da523e6Microsoft Security Advisory MS03-005 - A buffer overflow in the Windows XP Windows Redirector allows local users to gain increased privileges provided they are able to log onto the system interactively.
8bfdb49825e91a5de6549e055b50782a186b046a126f241d61d6f888147ccc6dMicrosoft Security Advisory MS03-004 - A large patch for IE 5.01, 5.5, 6.0 has been released which fixes two newly discovered vulnerabilities, one of which allows malicious web sites to execute remote code on client browsers by misusing a dialog box. A cross-domain vulnerability in Internet Explorer's showHelp() functionality can be tricked into invoking executables already present on a user's local system, downloading malicious code onto a user's local system, and allowing attackers to download users data.
b362e647344b3d8fd63fe7d03e850546c8bde19ce683f1a987e257d371541666NGSSoftware Security Advisory NISR29012003 - There is a remotely exploitable buffer overflow vulnerability in the Microsoft RPC (Remote Procedure Call) Locator Service. This vulnerability, which especially affects Windows Domain Controllers, has been fixed by Microsoft and patch information can be found in Microsoft security advisory MS03-001.
a2a3c79f201bcc9cccb987fb64883826f91e927d2436724e71aa37f834e00fdbMicrosoft Security Advisory MS03-003 - A flaw in how Outlook 2002 handles V1 Exchange Server Certificates causes Outlook to sometimes accidently sends messages in plain text even though it tells the user it has been sent encrypted.
5268f1316955e4d3d27b9cd497735fe01c5636da127e8c3646195213ab851658Microsoft Security Advisory MS03-001 - A buffer overflow in the Microsoft Windows Locator Service in Windows NT, 2000, and XP allows remote attackers to execute commands on Windows 2000 and NT domain controllers by default, and any other server which has the locator service enabled.
5e5ba03153b589c0275c98e4d61e201733836557a267dfc1f55554c12a2f6cc2Microsoft Security Advisory MS02-072 - The Windows Shell has a serious buffer overflow in the routine that extracts attribute information from audio files which allows remote attackers to execute code with privileges of the user if you move your mouse pointer over an evil mp3 or wma file on a website, HTML email, or windows share. An HTML email could cause the vulnerable code to be invoked when a user opened or previewed the email.
d86a95f6a915a23475420a215b6ed7ac33bc04fa7b4378da86a89d551b5dec4eMicrosoft Security Advisory MS02-070 - A flaw in the implementation of SMB Signing in Windows 2000 and Windows XP enables attackers to silently downgrade the SMB Signing settings on an affected system, causing either or both systems to send unsigned data regardless of the signing policy the administrator had set. Although this vulnerability could be exploited to expose any SMB session to tampering, the most serious case would involve changing group policy information as it was being disseminated from a Windows 2000 domain controller to a newly logged-on network client. Doing this, the attacker can take actions such as adding users to the local Administrators group or installing and running code of his choice on the system.
96e6063a616fc74df791bacd1467819287ac6ed0f6d2d0080f21a501e53a28eaMicrosoft Security Advisory MS02-069 - Eight serious vulnerabilities were discovered in Microsoft VM which allow remote code execution via HTML email and malicious web pages.
f4af9d4c01a18e7ea7461b5d3985e9a101361a16870c806c84743c038cceefabMicrosoft Security Advisory MS02-068 - This is a cumulative patch for Internet Explorer 5.5 and 6.0 which includes all previous patches and a new one to fix a flaw in Internet Explorer's cross-domain security model which allows a website in one domain to access information in another, including the user's local system. Exploiting the vulnerability could enable an attacker to read any file on the users computer. In addition, the attacker could invoke an executable already present on the system. This vulnerability can be exploited via email or web page.
f9652f1cc78d6779742cc557433ca8ba1e8f1b60a890eb8f0b439d57a95d7967Microsoft Security Advisory MS02-067 - A vulnerability exists in Outlook 2002 in its processing of e-mail headers allows remote attackers to crash the mail reader. The Outlook 2002 client would continue to fail so long as the specially malformed e-mail message remained on the e-mail server.
7ba0d0ae3667f10901c30100fca8fae5fd814cfbe87554a001045ad5d0a8fd2fMicrosoft Security Advisory MS02-066 - Six new vulnerabilities were discovered in IE 5.01, 5.5 and 6.0 including a three bugs that allow remote attackers to view any file on the system or run executables, a PNG buffer overrun, information disclosure, read temp files with cookie info.
7b641110114c4f1ba5bb73219dd4dd18037c8aba3c6209c9dab0787223b9a130Microsoft Security Advisory - Buffer Overrun in Microsoft Data Access Components Could Lead to Code Execution. Both web servers and web clients are at risk from the vulnerability: Web servers are at risk if a vulnerable version of MDAC is installed and running on the server. To exploit the vulnerability against such a web server, an attacker would need to establish a connection with the server and then send a specially malformed HTTP request to it, that would have the effect of overrunning the buffer with the attacker's chosen data. The code would run in the security context of the IIS service (which, by default, runs in the LocalSystem context). Web clients are at risk in almost every case, as the RDS Data Stub is included with all current versions of Internet Explorer and there is no option to disable it. To exploit the vulnerability against a client, an attacker would need to host a web page that, when opened, would send an HTTP reply to the user's system and overrun the buffer with the attacker's chosen data. The web page could be hosted on a web site or sent directly to users as an HTML Mail. The code would run in the security context of the user.
6befe459e6dbfe443c23c4464aabd9bce1694963db34252a389d0b9e741f1db4Microsoft Security Advisory MS02-063 - A buffer overflow in all versions of Windows PPTP are vulnerable to remote denial of service attacks.
69f968bef7b630c760fbaebfa34c8219f97c8b1b1cca60d818d60cd5ecf60db7Microsoft Security Advisory MS02-062 - Four vulnerabilities have been found in Microsoft IIS 4.0, 5.0, and 5.1 which allow privilege elevation, denial of service, bypass upload permissions, and cross site scripting on the admin page.
a2967ba6e1a6b2fd057c457e3dbcd833166beca202b663b0c1b4e92306d95694Microsoft Security Advisory MS02-064 - On Windows 2000, the default permissions provide the Everyone group with Full access on the system root folder (typically, C:\). In most cases, the system root is not in the search path. However, under certain conditions - for instance, during logon or when applications are invoked directly from the Windows desktop via Start | Run - it can be, allowing users to make trojans that other users execute.
1216c825445c9a208c39bc93c9c94e146553beb71516ba0e00744b827f2d5645Microsoft Security Advisory MS02-061 - Microsoft SQL Server 7.0 and 2000 contain stored procedures which allow low privileged users who are able to authenticate to a SQL server to delete, insert or update all the web tasks created by other users. In addition, the attacker can run already created web tasks in the context of the creator of the web task, usually the SQL Server Agent service account.
b64e0c0e18bee283ad6b70b6b0638fbfd75ccd565bbd4d21fec435e3209cbf49
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed