funsec mailing list archives
Unpatched MS SQL Server vulnerability being exploited
From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Tue, 23 Dec 2008 11:43:46 +0200 (EET)
Microsoft has confirmed a code execution type vulnerability in Microsoft SQL Server affecting to versions -SQL Server 2000 SP4 -SQL Server 2005 SP2 -SQL Server 2000 Desktop Engine (MSDE 2000) SP4 -SQL Server 2000 Desktop Engine (WMSDE), and -Windows Internal Database (WYukon) SP2. MS Security Advisory #961040 is located at http://www.microsoft.com/technet/security/advisory/961040.mspx It appears that this sp_replwritetovarbin extended stored procedure issue is related to finding of SEC Consult. Juha-Matti _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Unpatched MS SQL Server vulnerability being exploited Juha-Matti Laurio (Dec 23)