Elevation of Privilege in SQL Server Web Tasks

Security 10941 Published by Philipp Esselbach 0

SQL Server 7.0 and 2000 provide stored procedures which is a collection of Transact-SQL statements stored under a name and processed as a group. One stored procedure, an extended stored procedure and weak permissions on a table combine to allow a low privileged user the ability to run, delete, insert or update web tasks.

An attacker who is able to authenticate to a SQL server could delete, insert or update all the web tasks created by other users. In addition, the attacker could run already created web tasks in the context of the creator of the web task. This typically runs in the context of the SQL Server Agent service account.

Read more

Flaw in Word Fields and Excel External Updates Could ...

Security 10941 Published by Philipp Esselbach 0

Flaw in Word Fields and Excel External Updates Could Lead to Information Disclosure (Q330008)

A vulnerability exists because it is possible to maliciously use field codes and external updates to steal information from a user without the user being aware. Certain events can trigger field code and external update to be updated, such as saving a document or by the user manually updating the links. Normally the user would be aware of these updates occurring, however a specially crafted field code or external update can be used to trigger an update without any indication to the user. This could enable an attacker to create a document that, when opened, would update itself to include the contents of a file from the user's local computer.

Read more

Flaw in Windows XP Help and Support Center Could Enable ...

Security 10941 Published by Philipp Esselbach 0

Flaw in Windows XP Help and Support Center Could Enable File Deletion (Q328940)

A security vulnerability is present in the Windows XP version of Help and Support Center, and results because a file intended only for use by the system is instead available for use by any web page. The purpose of the file is to enable anonymous upload of hardware information, with the user's permission, so that Microsoft can evaluate which devices users are not currently finding device drivers for. This information is then used to work with hardware vendors and device teams to improve the quality and quantity of drivers available in Windows. By design, after attempting to upload an XML file containing the hardware information, the system deletes it.

Read more

Trend Micro Pattern File October 15, 2002

Security 10941 Published by Philipp Esselbach 0

Use this version of the pattern file for all Trend Micro products running on Intel or DEC Alpha based operating systems and for products using Trend’s virus scanning API Library. Because more than 200 new viruses are discovered every month, it is strongly suggested that you update your virus pattern files regularly.

Homepage
Download

Norton AntiVirus Virus Definitions October 15, 2002

Security 10941 Published by Philipp Esselbach 0

This is the latest virus pattern to detect the latest viruses. This update will work on the following products: NAV 2000 for Win9x/NT/2000,
NAV 2001 for Win95b/98/NT/2000/Me,
NAV 2002 Professional Edition,
NAV 2002 for Win98/Me/NT/2000/XP Home/XP Pro,
NAV 4.0 for Windows 3.51,
NAV 5.0 and 2000 for Win9x,
NAV 5.0 and 2000 for WinNT,
NAV for Firewalls 1.5 or higher,
NAV for Lotus Notes (Intel),
NAV for MS Exchange (Intel),
Norton SystemWorks (all versions),
Norton Utilities for Windows 95/98 (all versions),
pcAnywhere32 7.5 and higher for WinNT.

Homepage
Download

Norton AntiVirus Virus Definitions October 14, 2002

Security 10941 Published by Philipp Esselbach 0

This is the latest virus pattern to detect the latest viruses. This update will work on the following products: NAV 2000 for Win9x/NT/2000,
NAV 2001 for Win95b/98/NT/2000/Me,
NAV 2002 Professional Edition,
NAV 2002 for Win98/Me/NT/2000/XP Home/XP Pro,
NAV 4.0 for Windows 3.51,
NAV 5.0 and 2000 for Win9x,
NAV 5.0 and 2000 for WinNT,
NAV for Firewalls 1.5 or higher,
NAV for Lotus Notes (Intel),
NAV for MS Exchange (Intel),
Norton SystemWorks (all versions),
Norton Utilities for Windows 95/98 (all versions),
pcAnywhere32 7.5 and higher for WinNT.

Homepage
Download

IIS Lockdown Tool (version 2.1)

Security 10941 Published by Philipp Esselbach 0

IIS Lockdown Wizard version 2.1 works by turning off unnecessary features, thus reducing attack surface available to attackers. To provide multiple layers of protection against attackers, URLscan, with customized templates for each supported server role, is integrated into the IIS Lockdown Wizard.

To keep the server completely secure, however, all hotfixes are required before and after applying IIS Lockdown Wizard to stay protected against known security vulnerabilities.

Download

Norton AntiVirus Virus Definitions October 11, 2002

Security 10941 Published by Philipp Esselbach 0

This is the latest virus pattern to detect the latest viruses. This update will work on the following products: NAV 2000 for Win9x/NT/2000,
NAV 2001 for Win95b/98/NT/2000/Me,
NAV 2002 Professional Edition,
NAV 2002 for Win98/Me/NT/2000/XP Home/XP Pro,
NAV 4.0 for Windows 3.51,
NAV 5.0 and 2000 for Win9x,
NAV 5.0 and 2000 for WinNT,
NAV for Firewalls 1.5 or higher,
NAV for Lotus Notes (Intel),
NAV for MS Exchange (Intel),
Norton SystemWorks (all versions),
Norton Utilities for Windows 95/98 (all versions),
pcAnywhere32 7.5 and higher for WinNT.

Homepage
Download

Vexira Antivirus for NT/2K/XP 2.03.00.02

Security 10941 Published by Philipp Esselbach 0

Vexira Antivirus is a single packaged virus defense system designed for easy and dependable virus prevention on desktops or small networks. Using the same powerful virus scanning technology and active virus defenses of the Professional edition, Vexira Antivirus closely monitors for viruses and other suspicious activity on local hard disks, floppy disks, e-mail attachments and Internet downloads. Vexira Antivirus utilizes a high-performance file analysis technology. This technology accurately identifies which files may contain malicious code, requiring further investigation, and those files, which do not, a process that greatly increases virus-scanning speed. Vexira Antivirus actively defends personal computers from viruses and other malicious applications.

Download

Norton AntiVirus Virus Definitions October 10, 2002

Security 10941 Published by Philipp Esselbach 0

This is the latest virus pattern to detect the latest viruses. This update will work on the following products: NAV 2000 for Win9x/NT/2000,
NAV 2001 for Win95b/98/NT/2000/Me,
NAV 2002 Professional Edition,
NAV 2002 for Win98/Me/NT/2000/XP Home/XP Pro,
NAV 4.0 for Windows 3.51,
NAV 5.0 and 2000 for Win9x,
NAV 5.0 and 2000 for WinNT,
NAV for Firewalls 1.5 or higher,
NAV for Lotus Notes (Intel),
NAV for MS Exchange (Intel),
Norton SystemWorks (all versions),
Norton Utilities for Windows 95/98 (all versions),
pcAnywhere32 7.5 and higher for WinNT.

Homepage
Download

Trojan Remover 4.8.5

Security 10941 Published by Philipp Esselbach 0

Trojan Remover was written to aid in the removal of Trojan Horses from a computer where standard anti-virus software has either failed to detect the Trojan Horse or is unable to effectively eliminate it. In no way should it be considered as an alternative to regularly using good anti-virus software to protect your computer.

Download

Unchecked Buffer in Outlook Express S/MIME Parsing ...

Security 10941 Published by Philipp Esselbach 0

Microsoft has released a new security update for Outlook Express:

Unchecked Buffer in Outlook Express S/MIME Parsing Could Enable System Compromise (Q328676)

To allow for verification of the authenticity of mail messages, Microsoft Outlook Express supports digital signing of messages through S/MIME. A buffer overrun vulnerability lies in the code that generates the warning message when a particular error condition associated with digital signatures occurs.

By creating a digitally signed email and editing it to introduce specific data, then sending it to another user, an attacker could cause either of two effects to occur if the recipient opened or previewed it. In the less serious case, the attacker could cause the mail client to fail. If this happened, the recipient could resume normal operation by restarting the mail client and deleting the offending mail. In the more serious case, the attacker could cause the mail client to run code of their choice on the user's machine. Such code could take any desired action, limited only by the permissions of the recipient on the machine.

This vulnerability could only affect messages that are signed using S/MIME and sent to an Outlook Express user. Users of Microsoft Outlook products are not affected by this vulnerability.

Read more

Norton AntiVirus Virus Definitions October 9, 2002

Security 10941 Published by Philipp Esselbach 0

This is the latest virus pattern to detect the latest viruses. This update will work on the following products: NAV 2000 for Win9x/NT/2000,
NAV 2001 for Win95b/98/NT/2000/Me,
NAV 2002 Professional Edition,
NAV 2002 for Win98/Me/NT/2000/XP Home/XP Pro,
NAV 4.0 for Windows 3.51,
NAV 5.0 and 2000 for Win9x,
NAV 5.0 and 2000 for WinNT,
NAV for Firewalls 1.5 or higher,
NAV for Lotus Notes (Intel),
NAV for MS Exchange (Intel),
Norton SystemWorks (all versions),
Norton Utilities for Windows 95/98 (all versions),
pcAnywhere32 7.5 and higher for WinNT.

Homepage
Download

McAfee DAT 4228

Security 10941 Published by Philipp Esselbach 0

Virus definition, or .DAT, files contain up-to-date virus signatures and other information that Network Associates anti-virus products use to protect your computer against the thousands of computer viruses in circulation. Network Associates releases new .DAT files regularly to provide protection against the approximately 300 new viruses that appear each month. To ensure that your anti-virus software can protect your system or network against the latest virus threats, download and install the latest .DAT files.

Homepage
Download

Trend Micro Pattern File October 9, 2002

Security 10941 Published by Philipp Esselbach 0

Use this version of the pattern file for all Trend Micro products running on Intel or DEC Alpha based operating systems and for products using Trend’s virus scanning API Library. Because more than 200 new viruses are discovered every month, it is strongly suggested that you update your virus pattern files regularly.

Homepage
Download

McAfee SuperDAT 4228

Security 10941 Published by Philipp Esselbach 0

Virus definition, or .DAT, files contain up-to-date virus signatures and other information that Network Associates anti-virus products use to protect your computer against the thousands of computer viruses in circulation. Network Associates releases new .DAT files regularly to provide protection against the approximately 300 new viruses that appear each month. To ensure that your anti-virus software can protect your system or network against the latest virus threats, download and install the latest .DAT files.

Homepage
Download

Previous Page

Next Page

Windows

Linux

macOS

Community

  • Lexonight
    Hey everyone,Wanted to share a project I've been b ...
  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...