MS: SQL Server Remote Data Source Function Contain Unchecked Buffers

By Bill Graziano on 20 February 2002 | Tags: Hot Fixes

From TechNet: An unchecked buffer exists in the handling of OLE DB provider names in ad hoc connections. A buffer overrun could occur as a result and could be used to either cause the SQL Server service to fail, or to cause code to run in the security context of the SQL Server. SQL Server can be configured to run in various security contexts, and by default runs as a domain user. The precise privileges the attacker could gain would depend on the specific security context that the service runs in.

Link: MS: SQL Server Remote Data Source Function Contain Unchecked Buffers

Related Articles

Microsoft Security Bulletin MS02-061 : Elevation of Privilege in SQL Server Web Tasks (Q316333) (21 October 2002)

New SQL Server Cumulative Security Patch (3 October 2002)

SQL Server 2000 Cumulative Security Update ... Again. (16 August 2002)

Cumulative Patch for SQL Server 2000 (11 July 2002)

New Sql Server Buffer Overrun issue (17 June 2002)

Worm squirming through SQL servers (21 May 2002)

Unchecked Buffer in Extended Stored Procedures (17 April 2002)

SQL Injection White Paper (2 April 2002)

Other Recent Forum Posts

Troubleshooting Deadlocks in SQL Server (1d)

Last Login date and time (2d)

Negative effects of High VLF counts (2d)

Need to return a value that indicates that a record has been added, but not when a record is modified (3d)

Indexex on low cardinality fields (3d)

Error in stored procedure (4d)

Spam post flagging (4d)

Update Microsoft SQL Server (RTM) 12.0.2000.8 to latest v14 (12.0.6449.1) (4d)

Subscribe to SQLTeam.com

SQLTeam.com Articles via RSS

SQLTeam.com Weblog via RSS

- Advertisement -

Resources

Articles

Forums

Blogs

Contact Us

About the Site