IE patch & SQL brute force
Results 1 to 6 of 6

Thread: IE patch & SQL brute force

  1. #1
    Senior since the 3 dot era
    Join Date
    Nov 2001
    Posts
    1,540

    IE patch & SQL brute force

    taken from www.securityspace.com
    attention Windows users for the following 2 high risk vulnerabilities

    1)
    Title: IE 5.01 5.5 6.0 Cumulative patch (Q316059)
    ID: 10861
    Category: Windows
    http://www.securityspace.com/smysecu....html?id=10861
    Summary: Determines whether the hotfix Q313675 is installed
    Description:
    ** The 11 Febuary 2002 Cumulative Patch for IE is
    ** not applied on the remote host. **
    Impact of vulnerability: Run code of attacker's choice. **
    Recommendation: Customers using IE should install the patch immediately. **
    Affected Software: **
    Microsoft Internet Explorer 5.01
    ** Microsoft Internet Explorer 5.5
    ** Microsoft Internet Explorer 6.0 **
    NOTE: Might require full registry access on win2k and xp **
    Supersedes MS01-055 and ms01-058
    See http://www.microsoft.com/technet/sec...n/ms02-005.asp
    Risk factor : High


    2)
    Title: Microsoft's SQL Server Brute Force
    ID: 10862
    Category: Windows
    http://www.securityspace.com/smysecu....html?id=10862
    Summary: Microsoft's SQL Server Brute Force
    Description: The SQL Server has a common password for one or more accounts. These accounts may be used to gain access to the records in the database or even allow remote command execution. *** Solution: Please set a difficult to guess password for these accounts. ***
    Risk Factor: HIGH

    Perhaps you all did know this already but for those who don't : apply the solutions

  2. #2
    Senior Member
    Join Date
    Dec 2001
    Posts
    1,193
    Thks. good post. +tive antis coming. It seems few here on AO are concerned about databases much. The focus tend to be on os and other apps, but as you know, all our businesses run on dbs.

    Trappedagainbyperfectlogic.

  3. #3
    Senior since the 3 dot era
    Join Date
    Nov 2001
    Posts
    1,540
    Even AO runs on dbs

  4. #4
    Senior Member
    Join Date
    Dec 2001
    Posts
    1,193
    out of curiosity - are you a dba?
    Trappedagainbyperfectlogic.

  5. #5
    Senior since the 3 dot era
    Join Date
    Nov 2001
    Posts
    1,540
    nope, sorry

  6. #6
    Senior Member
    Join Date
    Dec 2001
    Posts
    1,193
    At one time I used to be an assistant dba. Which was weird since I was an engineer at the time. Oh well - not too much these days, mainly some mgmt of sql 7 clusters but I don't write stored procedures anymore.


    Trappedagainbyperfectlogic.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •