[M$]SECURITY HOLE IN SQL SERVER LETS ATTACKERS TAKE OVER
SECURITY HOLE IN SQL SERVER LETS ATTACKERS TAKE OVER June 13, 2001 07:25 AM A SECURITY FLAW in Microsoft's SQL Server 7.0 and SQL Server 2000 Gold can allow an attacker to take control of a targeted server, the company said in a security bulletin late Tuesday night. Microsoft issued a patch for the flaw at the same time as it released the bulletin. For Full Story: http://www.infoworld.com/articles/hn/xml/01/06/13/010613hnsql.xml?0613alert -- -- ----/ / _ Fred A. Miller ---/ / (_)__ __ ____ __ Systems Administrator --/ /__/ / _ \/ // /\ \/ / Cornell Univ. Press Services -/____/_/_//_/\_,_/ /_/\_\ fm@cupserv.org
Ok I see that fred has done as you have asked so now maybe some of you will be happy an can setup filters to filter out this news reports, I for one really find them informitive at times. then other times i have already seen the reports from other sources. thanks fred for suppling us with the news. jack At 02:20 PM 6/13/2001 -0400, Fred A. Miller wrote:
SECURITY HOLE IN SQL SERVER LETS ATTACKERS TAKE OVER
June 13, 2001 07:25 AM
A SECURITY FLAW in Microsoft's SQL Server 7.0 and SQL Server 2000 Gold can allow an attacker to take control of a targeted server, the company said in a security bulletin late Tuesday night. Microsoft issued a patch for the flaw at the same time as it released the bulletin.
For Full Story: http://www.infoworld.com/articles/hn/xml/01/06/13/010613hnsql.xml?0613alert
-- -- ----/ / _ Fred A. Miller ---/ / (_)__ __ ____ __ Systems Administrator --/ /__/ / _ \/ // /\ \/ / Cornell Univ. Press Services -/____/_/_//_/\_,_/ /_/\_\ fm@cupserv.org
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq and the archives at http://lists.suse.com
At 02:28 PM 6/13/2001 -0500, you wrote:
Ok I see that fred has done as you have asked so now maybe some of you will be happy an can setup filters to filter out this news reports, I for one really find them informitive at times. then other times i have already seen the reports from other sources.
thanks fred for suppling us with the news.
Thanks, Fred, for taking the care and time to add the M$ tag :-) I hope other people take the cue and use appropriate tags OT, SERVER, DEV, KDE, SCRIPT and so on. If people got into the habit I think it would really help. ---------------------------------------------------- Jonathan Wilson System Administrator Cedar Creek Software http://www.cedarcreeksoftware.com Central Texas IT http://www.centraltexasit.com
* Jonathan Wilson (wilson@claborn.net) [010613 13:47]: -> ->I hope other people take the cue and use appropriate tags OT, SERVER, DEV, KDE, SCRIPT and so on. -> You forgot [whine] [bitch] [moan] [.iso question] ...etc..etc :) -- Ben Rosenberg mailto:ben@whack.org ----- "They that can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety." -Benjamin Franklin
<snip> I wonder how long MS new of this? Its obvious that they did not announce it until a patch was made available.
StarTux wrote:
<snip>
I wonder how long MS new of this? Its obvious that they did not announce it until a patch was made available.
yes, but fairly enough, if there is a known trouble with say -bind-, it gets fixed and after that, it's made officially public, usually within less than a day. The tome span between discovery and (temporarily) fix is the measure. Juergen -- =========================================== __ _ Juergen Braukmann juergen.braukmann@gmx.de| -o)/ / (_)__ __ ____ __ Tel: 0201-743648 dk4jb@db0qs.#nrw.deu.eu | /\\ /__/ / _ \/ // /\ \/ / ===========================================_\_v __/_/_//_/\_,_/ /_/\_\
participants (6)
-
Ben Rosenberg -
Fred A. Miller -
Jack Malone -
Juergen Braukmann -
StarTux -
wilson@claborn.net