• McAfee, Inc

Microsoft SQL Server Vulnerability

Microsoft has released Security Advisory 961040 to address reports of attacks against a new vulnerability in Microsoft SQL Server 2000, Microsoft SQL Server 2005, Microsoft SQL Server 2005 Express Edition, Microsoft SQL Server 2000 Desktop Engine, Microsoft SQL Server 2000 Desktop Engine, and Windows Internal Database. The vulnerability occurs in the extended stored procedure “sp_replwriteovarbin.”

Exploitation of this vulnerability may allow an authenticated attacker to execute arbitrary code. Additionally, if a web application is vulnerable to SQL injection, an unauthenticated, remote attacker may be able to execute arbitrary code.

We encourages users to review the Microsoft Security Advisory 961040 and implement any Suggested Actions to help mitigate the risks.

Published in Computer & Network Security , Saturday January 3rd 2009
Tags: , ,



No Responses to “Microsoft SQL Server Vulnerability”

  1. omar says:

    Very interesting article.I wait to read more about this subject

  2. Ken says:

    interesting post

  3. P. Silva says:

    a very good article about Microsoft SQL Server Vulnerability

Leave a Reply


Privacy | About Us | Contact
Copyright © 2008 Home Automation - JAEC - All the rights reserved