Article

Microsoft warns of IIS, RAS, SQL flaws

Edward Hurley, News Writer

Potentially damaging vulnerabilities have been found in Microsoft products ranging from its Internet Information Server (IIS), Remote Access Service and SQL Server 2000.

FOR MORE INFORMATION:

    Requires Free Membership to View

Patch for SQLXML flaw

Patch for Remote Access Service flaw

Patch for Heap Overrun in HTR


Feedback on this story? Send your comments to News Writer Edward Hurley

The danger posed by the flaws range from gaining a higher level of system privileges to being able to run arbitrary code on targeted systems.

SQLXML

Two vulnerabilities have been discovered in SQLXML, a protocol used to transfer data to and from SQL Server 2000 databases. SQLXML helps developers bridge the gap between XML and relational data. Users can work with their relational data as though it was an XML file over the Internet.

The first flaw involves an unchecked buffer vulnerability in an ISAPI extension that could allow an attacker to run code on an IIS Web server. However, the attacker would have to know the location of the virtual directory for SQLXML on the IIS Server to exploit the flaw, Microsoft said in an alert.

The second hole could allow an attacker to run script on a target computer with higher privileges. However, attackers must know the addresses of target SQL Servers. "For example, a script might be able to be run in the Intranet Zone instead of the Internet Zone," Microsoft said.


Remote Access Service

A flaw in the Remote Access Service (RAS) phonebook could create a buffer overrun allowing an attacker to crash the system and possibly run code. Only attackers who have proper log-on credentials can exploit the vulnerability, Microsoft said.

RAS allows dial-up connections between computers and networks. RAS is delivered in Windows NT 4.0, Windows 2000 and Windows XP. It is also found in Routing and Remote Access Server (RRAS) for Windows NT 4.0.

Attackers can exploit the flaw by logging on a server and modifying a phonebook entry using malformed data. They can then make a connection using the phonebook entry, thus running the imputed data.


Heap Overrun in HTR

A heap buffer overrun flaw exists in the Chunked Encoding data transfer mechanism in IIS version 4.0 and 5.0. An attacker could use the flaw to make the system crash or run arbitrary code on the system, Microsoft said.

Microsoft has recommended for a while users disable HTR functionality unless it's needed for a critical business use. Most people no longer use the obsolete scripting technology and now use active server pages instead.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: