-
February 15th, 2002, 07:15 PM
#1
IE patch & SQL brute force
taken from www.securityspace.com
attention Windows users for the following 2 high risk vulnerabilities
1)
Title: IE 5.01 5.5 6.0 Cumulative patch (Q316059)
ID: 10861
Category: Windows
http://www.securityspace.com/smysecu....html?id=10861
Summary: Determines whether the hotfix Q313675 is installed
Description:
The 11 Febuary 2002 Cumulative Patch for IE is
not applied on the remote host.
Impact of vulnerability: Run code of attacker's choice.
Recommendation: Customers using IE should install the patch immediately.
Affected Software:
Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.0
NOTE: Might require full registry access on win2k and xp
Supersedes MS01-055 and ms01-058
See http://www.microsoft.com/technet/sec...n/ms02-005.asp
Risk factor : High
2)
Title: Microsoft's SQL Server Brute Force
ID: 10862
Category: Windows
http://www.securityspace.com/smysecu....html?id=10862
Summary: Microsoft's SQL Server Brute Force
Description: The SQL Server has a common password for one or more accounts. These accounts may be used to gain access to the records in the database or even allow remote command execution. Solution: Please set a difficult to guess password for these accounts.
Risk Factor: HIGH
Perhaps you all did know this already but for those who don't : apply the solutions
-
February 16th, 2002, 02:14 AM
#2
Thks. good post. +tive antis coming. It seems few here on AO are concerned about databases much. The focus tend to be on os and other apps, but as you know, all our businesses run on dbs.
Trappedagainbyperfectlogic.
-
February 16th, 2002, 02:15 AM
#3
Even AO runs on dbs
-
February 16th, 2002, 02:18 AM
#4
out of curiosity - are you a dba?
Trappedagainbyperfectlogic.
-
February 16th, 2002, 02:19 AM
#5
-
February 16th, 2002, 02:27 AM
#6
At one time I used to be an assistant dba. Which was weird since I was an engineer at the time. Oh well - not too much these days, mainly some mgmt of sql 7 clusters but I don't write stored procedures anymore.
Trappedagainbyperfectlogic.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|