Cumulative Patch for SQL Server 2000

By Bill Graziano on 11 July 2002 | 1 Comment | Tags: Hot Fixes

This is a cumulative patch that, when applied, address all previously addressed vulnerabilities. In addition, it eliminates three new vulnerability:

  • A buffer overrun vulnerability in a procedure that handles password encryption for SQL Server authentication that could enable code of an attacker's choice to be run in the same context as the SQL Server.
  • A buffer overrun vulnerability in a procedure that handles bulk inserting of database tables that could enable an attacker's code to run in the SQL Server Service Account's security context.
  • A privilege elevation vulnerability that could enable an attacker to gain the ability to execute SQL Server commands in the security context of the operating system.
Follow the link to Cumulative Patch for SQL Server 2000...

Discuss this article: 1 Comment so far. Print this Article. This page has been read 3,757 times.

If you like this article you can sign up for our newsletter. We send it out each week that we post a new article. There's an opt-out link at the bottom of each newsletter so it's easy to unsubscribe at any time.

Email Address:

Email ThisSubscribe to this feedKick itSave to del.icio.usView blog reactions

Related Articles

Microsoft Security Bulletin MS02-061 : Elevation of Privilege in SQL Server Web Tasks (Q316333) (21 October 2002)

New SQL Server Cumulative Security Patch (3 October 2002)

SQL Server 2000 Cumulative Security Update ... Again. (16 August 2002)

New Sql Server Buffer Overrun issue (17 June 2002)

Worm squirming through SQL servers (21 May 2002)

Unchecked Buffer in Extended Stored Procedures (17 April 2002)

SQL Injection White Paper (2 April 2002)

MS: SQL Server Remote Data Source Function Contain Unchecked Buffers (20 February 2002)

Other Recent Forum Posts

SQL Server Job fails (7 Replies)

Is it this job can program in trigger? (2 Replies)

Failed to import Excel Data (3 Replies)

Cursor issue (2 Replies)

MultiThreading concept in oracle (6 Replies)

MSX & Service Packs (1 Reply)

nothing in tray (4 Replies)

Optimizing TCP-IP Settings for 2005 Version? (1 Reply)

Subscribe to SQLTeam.com

Weekly SQL Server newsletter with articles, forum posts, and blog posts via email:

SQLTeam.com Articles via RSS

SQLTeam.com Weblog via RSS

- Advertisement -

SQL Server Jobs

Resources

SQL Server Resources

Advertise on SQLTeam.com

SQL Server Books

SQLTeam.com Newsletter

Write for SQLTeam.com

Contact Us

About the Site