Manualshelf

Specifications

ManualsBrandsCayman Systems ManualsComputer equipment3220-H
21222324252627282930
SAFER – Vol. 3, Issue 6 28 © 2000 The Relay Group
Microsoft Security Bulletin (MS00-035)
Released May 30, 2000
Affects Microsoft SQL Server 7.0 Service Packs 1 and 2
Reference http://www.microsoft.com/technet/security/bulletin/fq00-035.asp
Problem
- When SQL Server 7.0 Service Packs 1 or 2 are installed on a machine that is configured to
perform authentication using Mixed Mode, the password for the SQL Server standard security
System Administrator (sa) account is recorded in plaintext in the file \%TEMP%\sqlsp.log. The
default permissions on the file would allow any user to read it who could log onto the server
interactively.
- The password is only recorded if Mixed Mode is used, and even then, only if the administrator
chose to use SQL Server Authentication when installing the service pack. Microsoft has long
recommended that SQL servers be configured to use the more secure Windows NT Authentication
Mode, and customers who have followed this recommendation would not be affected. Even on
affected machines, the password could not be compromised if, per normal security
recommendations, normal users are prevented from logging onto the machine interactively.
SAFER
- Microsoft has released a patch.
TurboLinux Security Announcement TLSA2000012-1: xlockmore-4.16 and earlier
Released May 29, 2000
Affects TurboLinux 6.0.4 and earlier
Reference http://www.turbolinux.com/
Problem
- The xlock program locks an X server until a valid password is entered. The command line option -
mode provides a user with a mechanism to change the default display shown when the X server is
locked. Xlock is installed with privileges to obtain password information, although these are
dropped as early as possible.
- An overflow in the –mode command line option allows a malicious attacker to reveal arbitrary
portions of xlock's address space including the shadow password file.
SAFER
- Update the package.
NAI Security Advisory COVERT-2000-06: Initialized Data Overflow in Xlock
Released May 29, 2000
Affects All versions of xlockmore prior to and including 4.16
Reference http://www.nai.com/covert/
Problem
- Implementation vulnerability in xlock allows global variables in the initialized data section of
memory to be overwritten. This creates the potential for local users to view the contents of xlock's
memory, including the shadowed password file, after root privileges have been dropped.
SAFER
- Patches and updates from various vendors are available.