MS02-038: cumulative patch for Structured Query Language Server 2000 service pack 2. (Microsoft: security alerts and advisories issued).(Brief Article)(Product Announcement)
Information Systems Auditor, September, 2002
Issue
This patch eliminates two newly discovered vulnerabilities affecting Structured Query Language (SQL) Server 2000 and MSDE 2000:
* a buffer overrun vulnerability that occurs in several database consistency checkers (DBCCs) that ship as part of SQL Server 2000. DBCCs are command console utilities that allow maintenance and other operations to be performed on a SQL Server. While many of these are executable only by sysadmin, some are executable by members of the db owner and db ddladmin roles as well In the most serious case, exploiting this vulnerability would enable attackers to run code in the context of the SQL Server service, thereby giving them complete control over all databases on the server;
* an SQL injection vulnerability that...
Most Recent Business Articles
- Multiple criteria evaluation and optimization of transportation systems
- Multi-criteria analysis procedure for sustainable mobility evaluation in urban areas
- A two-leveled multi-objective symbiotic evolutionary algorithm for the hub and spoke location problem
- Multi-criteria analysis for evaluating the impacts of intelligent speed adaptation
- The development of Taiwan arterial traffic-adaptive signal control system and its field test: a Taiwan experience
Most Recent Business Publications
Most Popular Business Articles
- 7 tips for effective listening: productive listening does not occur naturally. It requires hard work and practice - Back To Basics - effective listening is a crucial skill for internal auditors
- FAS 109: a primer for non-accountants - Financial Accounting Standards Board's "Statement 109: Accounting for Income Taxes"
- Design a commission plan that drives sales - Sales Commissions
- Too Young to Rent a Car? - 25-years-old the minimum age for car renting - Brief Article
- LIFO vs. FIFO: a return to the basics
