Application Security, Inc.

Security Updates - ASAP™ Updates
(Application Security Automatic Protection)

AppDetective™ Update 2.5.94 - 3 October 2002

NEW CHECKS

Microsoft SQL Server

Title: DBCC buffer overflow
Summary:
One of the built-in DBCC functions contains a buffer overflow that may allow an attacker to overwrite the stack and execute arbitrary code under the security context of the database. The first parameter of the function does not properly handle a long string.

Title: Hello buffer overflow
Summary:
During a login to Microsoft SQL Server, several packets containing user-defined data are passed from the client to the server. If an overly long string is passed as one of the user-defined fields, a buffer overflow condition is created on the server.

Title: Job output file handling
Summary:
Microsoft SQL Server provides a mechanism to schedule jobs. This mechanism allows an unprivileged user to create jobs that will be executed using the elevated privileges of the SQL Server Agent.
