Microsoft Security Bulletin Alert !!!! Please Read
Feb 21, 2002
-----BEGIN PGP SIGNED MESSAGE-----
- ----------------------------------------------------------------------
Title: SQL Server Remote Data Source Function Contain
Unchecked Buffers
Date: 20 February 2002
Software: Microsoft SQL Server
Impact: Run code of attacker's choice on server
Max Risk: Moderate
Bulletin: MS02-007
Microsoft encourages customers to review the Security Bulletin at:
http://www.microsoft.com/technet/security/bulletin/MS02-007.asp.
- ----------------------------------------------------------------------
Issue:
======
One of the features of Structured Query Language (SQL) in
SQL Server 7.0 and 2000 is the ability to connect to remote data
sources. One capability of this feature is the ability to use
"ad hoc" connections to connect to remote data sources without
setting up a linked server for less-often used data-sources. This
is made possible through the use of OLE DB providers, which are
low-level data source providers. This capability is made possible
by invoking the OLE DB provider directly by name in a query to
connect to the remote data source.
An unchecked buffer exists in the handling of OLE DB provider names
in ad hoc connections. A buffer overrun could occur as a result and
could be used to either cause the SQL Server service to fail, or to
cause code to run in the security context of the SQL Server.
SQL Server can be configured to run in various security contexts,
and by default runs as a domain user. The precise privileges the
attacker could gain would depend on the specific security context
that the service runs in.
An attacker could exploit this vulnerability in one of two ways.
They could attempt to load and execute a database query that calls
one of the affected functions. Conversely, if a web-site or other
database front-end were configured to access and process arbitrary
queries, it could be possible for an attacker to provide inputs that
would cause the query to call one of the functions in question
with the appropriate malformed parameters.
Mitigating Factors:
====================
- The effect of exploiting the vulnerability would depend on the
specific configuration of the SQL Server service. SQL Server
can be configured to run in a security context chosen by the
administrator. By default, this context is as a domain user.
If the rule of least privilege has been followed, it would
minimize the amount of damage an attacker could achieve.
- Both vectors for exploiting the vulnerability could be blocked
by following best practices. Specifically, untrusted users
should not be able to load and execute queries of their choice
on a database server. In addition, publicly accessible database
queries should filter all inputs prior to processing.
Risk Rating:
============
- Internet systems: Moderate
- Intranet systems: Moderate
- Client systems: Moderate
Patch Availability:
===================
- A patch is available to fix this vulnerability. Please read the
Security Bulletin at
http://www.microsoft.com/technet/security/bulletin/ms02-007.asp
for information on obtaining this patch.
View 1 Replies
ADVERTISEMENT
Feb 21, 2002
-----BEGIN PGP SIGNED MESSAGE-----
- ----------------------------------------------------------------------
Title: SQL Server Remote Data Source Function Contain
Unchecked Buffers
Date: 20 February 2002
Software: Microsoft SQL Server
Impact: Run code of attacker's choice on server
Max Risk: Moderate
Bulletin: MS02-007
Microsoft encourages customers to review the Security Bulletin at:
http://www.microsoft.com/technet/security/bulletin/MS02-007.asp.
- ----------------------------------------------------------------------
Issue:
======
One of the features of Structured Query Language (SQL) in
SQL Server 7.0 and 2000 is the ability to connect to remote data
sources. One capability of this feature is the ability to use
"ad hoc" connections to connect to remote data sources without
setting up a linked server for less-often used data-sources. This
is made possible through the use of OLE DB providers, which are
low-level data source providers. This capability is made possible
by invoking the OLE DB provider directly by name in a query to
connect to the remote data source.
An unchecked buffer exists in the handling of OLE DB provider names
in ad hoc connections. A buffer overrun could occur as a result and
could be used to either cause the SQL Server service to fail, or to
cause code to run in the security context of the SQL Server.
SQL Server can be configured to run in various security contexts,
and by default runs as a domain user. The precise privileges the
attacker could gain would depend on the specific security context
that the service runs in.
An attacker could exploit this vulnerability in one of two ways.
They could attempt to load and execute a database query that calls
one of the affected functions. Conversely, if a web-site or other
database front-end were configured to access and process arbitrary
queries, it could be possible for an attacker to provide inputs that
would cause the query to call one of the functions in question
with the appropriate malformed parameters.
Mitigating Factors:
====================
- The effect of exploiting the vulnerability would depend on the
specific configuration of the SQL Server service. SQL Server
can be configured to run in a security context chosen by the
administrator. By default, this context is as a domain user.
If the rule of least privilege has been followed, it would
minimize the amount of damage an attacker could achieve.
- Both vectors for exploiting the vulnerability could be blocked
by following best practices. Specifically, untrusted users
should not be able to load and execute queries of their choice
on a database server. In addition, publicly accessible database
queries should filter all inputs prior to processing.
Risk Rating:
============
- Internet systems: Moderate
- Intranet systems: Moderate
- Client systems: Moderate
Patch Availability:
===================
- A patch is available to fix this vulnerability. Please read the
Security Bulletin at
http://www.microsoft.com/technet/security/bulletin/ms02-007.asp
for information on obtaining this patch.
View 3 Replies
View Related
Nov 20, 2007
i was trying to install sql server 2000 enterprise edition on win 2003 with SP1. i got stuck with this error sayinbg;"the driver software you are installing has not been properly signed with Autheticode(TM) technology. therefore windows cannot tell if the software has been modified since it was published. the publisher's identity cannot be verified because of a problem,
The installed INF file does not contain digital signature infromation"
Do you still want to install this driver software?
No matter what i click, either yes or no, it takes me nowhere. i googled it everywhere still could not find a solution. please let me know if you guys got any idea.
View 4 Replies
View Related
Feb 11, 2006
The current version of Microsoft SQL is SQL 2005.
If you are running a different version of Microsoft SQL, it is your responsibility to state what version you are using (for example, SQL 2000, service pack 2). If you don't include information about what version of Microsoft SQL you are using, we'll assume that you are running SQL 2005 and the answer that we give you may or may not work with the version of Microsoft SQL that you are using.
Kudos to r937 for reminding me to include this version information in our FAQ
General Topics
What is a FAQ? (http://www.dbforums.com/showthread.php?t=1212452#post4527529)
How to ask a question to get quick and correct answers? (http://www.dbforums.com/showthread.php?t=1212452#post4527530)
How do I "join the community"? (http://www.dbforums.com/showthread.php?t=1212452#post4527531)
What does Microsoft have to say about group participation? (http://www.dbforums.com/showthread.php?t=1212452#post4527533)
Homework
How NOT to ask for help! (http://www.dbforums.com/showthread.php?p=6226875#post6226875)
SQL Server Topics
How do I get DDL for my tables? (http://www.dbforums.com/showthread.php?t=1212452#post4527532)
View 7 Replies
View Related
Feb 22, 2004
I am writing an asp application that uses sql server 2000 as the back-end db and I want to create a discussion board. I need to know what data type I should use to accomodate a large entry by the user and anything else I should be aware of.
Thanks!!!
View 4 Replies
View Related
Jan 20, 2004
I HAVE CREATED A SECURITY DATABASE USING A NEW WORKGROUP FILE WITH A NEW MDW FILE NAME. THE DATABASE ITSELF CONTAINS SEVERAL GROUPS OF USERS AND SEVERAL USERS. THE DATABASE WORKS AS DESIGNED.
THE PROBLEMS IS IF I OPEN THIS DATABASE USING THE SYSTEM.MDW FILE, THE DATABASE OPENS AND GIVE ME COMPLETE ACCESS TO EVERYTHING.
CAN ANYONE EXPLAIN WHAT IS HAPPENING.
ANY HELP WILL BE APPRECIATED
THANKING YOU IN ADVANCE
JOSEPH FORD
View 14 Replies
View Related
Apr 23, 2008
I've just taken over the role of SQL Server DBA for my organization. I've been asked to go over the list of Microsoft patches that will be installed on our SQL Server boxes to see if there are any issues.
As of now, I'm going to Microsoft's site and reading up on the patches. But, they don't have any info on where there are any negative effects on SQL Server or other Microsoft products.
The patches are being installed on test servers and I plan on running a few jobs to test for any issues.
Does anyone know of any other resources I could check?
Thanks,
-jeff
View 2 Replies
View Related
Sep 27, 2007
Hi
I downloaded MBSA and ran it against my SQL 2005 Server. It tells me that I have a severe risk because
'The following databases have public access.Remove the public access if it is not required - tempdb , model , msdb , ReportServer , ReportServerTempDB'
I have checked these databases and each have the Guest User but it is disabled. If I check the database properties the public role has no permissions against the listed databases.
Is this a bug with MBSA? If not how do I remove Public Access?
View 11 Replies
View Related
Oct 26, 2015
What is the correct way to create a security group that allows the group members to Select (Read) the content of a database?
1. Create a security group in AD
2. Add the required members to the group
3. Add the security group as a login on the SQL server (Under Security>Logins)
4. Add the security group to the specific database with Grant in Connect and Select
View 11 Replies
View Related
May 18, 2015
As far as i know all users that is assigned to "Public" database role by default cannot SELECT any tables which in the databases. But in my case i am restoring database from previous version of SQL Server 2005 to SQL Server 2008 R2.
The problem come when every new users that created can access all tables in the databases.
How to get "public" back to default permission settings?
View 13 Replies
View Related
Feb 13, 2006
Hi there,
I have successfully installed SQL Server Express.
I have copied NorthWind to SQL Server.
I have created an ODBC to the SQL NorthWind.
But my problem is, I open the data but I cannot edit or insert records
to the Customer table.
I have gone into SQL Management Studio and modified Permissions
on NorthWind and the Customer table with Alter, Insert, Update.
But no luck.
Has anyone experienced this?
Email me at justintoronto@hotmail.com if you have a solution.
I will try to check back here also.
Thanks,
Justin
View 1 Replies
View Related
Dec 21, 2006
I am struggling in calling an SSIS package programatically using the Microsoft.SqlServer.Dts.Runtime namespace.
I am succesfuly connecting to the package insofar as I am able to retrieve the package ID (GUID), but when I call package.Execute I get a 'login failed for user' error, which indicates a security problem.
My ASP.NET app is running as a domain user which has temporary 'SA' rights on the server where the package is hosted. In addition, I have set the protection level on the package to 'DontSaveSensitive'.
What am I missing to be able to execute the package remotely?
TIA,
Rick
View 1 Replies
View Related
Sep 28, 2007
Hello. I have received the follwoing error upon an attempt to Browse the Cube. All other tabs are functional, including the Calculations tab. We are running Windows Server 2003 SP2 and SQL Server 2005 SP2. Any suggestions would be greatly appreciated!
**EDIT** - Have confirmed SP1 for VS2005 is installed both locally and on server, also.
Attempted to read or write protected memory. This is often an indication that other memory is corrupt. (Microsoft Visual Studio)
------------------------------
Program Location:
at Microsoft.Office.Interop.Owc11.PivotView.get_FieldSets()
at Microsoft.AnalysisServices.Controls.PivotTableFontAdjustor.TransformFonts(Font font)
at Microsoft.AnalysisServices.Browse.CubeBrowser.UpdatePivotTable(Boolean translate)
at Microsoft.AnalysisServices.Browse.CubeBrowser.UpdateAll(Boolean translate)
at Microsoft.AnalysisServices.Browse.CubeBrowser.InitialUpdate()
at Microsoft.AnalysisServices.Browse.CubeBrowser.SupportFunctionWhichCanFail(FunctionWhichCanFail function)
View 4 Replies
View Related
Aug 6, 2015
I want to make data changes in read_only database , that's why i must set database read_write. While database is at read_write mode, i want to be sure that no one makes change in database.
For this aim, i write the code below, but i suspect that after setting the database read_write, till the setting database
single_user ,is it possible get DML script from another user. Is the code below enough for this operation. Or is there another way?
Reminding: Read_only database can not be set single_user mode. That's why, first you must set database read_write.
The code;
use master
alter database xxx set read_write
with rollback immediate
alter database xxx set single_user
with rollback immediate
use xxx
update tablexxx set columnxxx=yyy
use master
alter database xxx set read_only
with rollback immediate
alter database xxx set multi_user
with rollback immediate
View 5 Replies
View Related
Aug 13, 2015
Can you use the below query to get CPU high utilisation alert purposes for both named and default instance? or, do I need to make any changes here (@wmi_namespace=N'.ROOTCIMV2' ) ?
USE [msdb]
GO
EXEC msdb.dbo.sp_add_alert @name=N'CPU_WM_Utilization_Check',
@message_id=0,
@severity=0,
[code]....
View 2 Replies
View Related
Jan 12, 2012
i attached adventure works in sql server 2008 and it showing as read only ,make it read write or remove read only tag from database.
View 11 Replies
View Related
Jun 21, 2007
Hi
I am trying to use Association Viewer Control in
Microsoft.AnalysisServices.Viewers.DLL dll in VS 2005 but sometimes it gives an error.
"Code generatio for property 'ConnecitonManager'" failed. Error was:'Property accesor 'ConnectionManager' on object 'AssosiactionViewer1' threw the following exception:'Object referance not set to instance of an object"
Is there anyone here who use
"Microsoft SQL Server 2005 Datamining Viewer Controls" in SQLServer2005 FeaturePack ?
http://www.microsoft.com/downloads/details.aspx?FamilyID=50b97994-8453-4998-8226-fa42ec403d17&DisplayLang=en
i am using VS2005 Version 8.0.50727.762 (SP.050727-7600)
and SQL Server 2005 SP2
thanks from now.
Cem Üney
View 9 Replies
View Related
Mar 24, 2015
How to identify whether the files are in read write or read only?
View 1 Replies
View Related
Aug 26, 2015
I'm trying to do Sharepoint DR with Log Shipping and every thing configured except one thing which is switch the WSS_Content (Standby /Read-Only) DB to be ready and Write.
I tried from
GUI or ALTER DATABASE [WSS_Content] SET
READ_WRITE WITH NO_WAIT
but I received the below error:
Database WSS_Content is in Warm Standby
View 9 Replies
View Related
Jan 18, 2008
I have two database files, one .mdf and one .ndf. The creator of these files has marked them readonly. I want to "attach" these files to a new database, but cannot do so because they are read-only. I get this message:
Server: Msg 3415, Level 16, State 2, Line 1
Database 'TestSprintLD2' is read-only or has read-only files and must be made writable before it can be upgraded.
What command(s) are needed to make these files read_write?
thanks
View 7 Replies
View Related
Jul 23, 2005
Dear All,Access adp on sql-server 2000After upgrating to A2003 updating data with 1 perticular combobox causes theprogram to hangs without any error-msg.Traying to change te combobox recordsource i get this error:This version of Microsoft Access doesn't support design changes to theversion of Microsoft SQL Server your project is connected to. See theMicrosoft Office Update Web site for the latest information and downloads(on the Help menu, click Office on the Web). Your design changes will not besaved.The solution in :http://support.microsoft.com/defaul...kb;en-us;313298tolks about SP 'dt_verstamp007' but I have SP 'dt_verstamp006'What should I do.Is the failure of the combobox also caused by the absence of dt_verstamp007???Filip
View 2 Replies
View Related
May 22, 2007
odbc_pconnect() [function.odbc-pconnect]: SQL error: [Microsoft][ODBC Microsoft Access Driver] System resource exceeded., SQL state S1001 in SQLConnect
we got the error with access 2000 database and PHP as prog. language .
we created dsn for the connection.
reboot solves the problem. but we need another solution better than this.
View 7 Replies
View Related
Sep 25, 2007
Hi,
I'm trying to install Microsoft Dynamics 10.0 with SQL 2008 Dev but when launching the utilities this returns the following error message:
******************************************************************
Your current SQL Server is not a supported version.
Req: Microsoft SQL Server 8.0
Act: Microsoft SQL Server code name "Katmai" (CTP) - 10
You need to upgrade to SQL Server 8.0 before continuing.
******************************************************************
Any ideas could help or has this if anyone knows been desinged not to work with GP10 currently?
Assad
View 7 Replies
View Related
Nov 26, 2007
OBJECTIVE: I would like to read a text file from SQL Server 2000, read the text file content, and load its conntents in a RichTextBoxTHINGS I'VE DONE AND HAVE WORKING:1) I've successfully load a text file (ex: textFile.txt) in sql server database table column (with datatype Image) 2) I've also able to load the file using a Handler as below: using System;using System.Web;using System.Data.SqlClient;public class HandlerImage : IHttpHandler {string connectionString;public void ProcessRequest (HttpContext context) {connectionString = System.Configuration.ConfigurationManager.ConnectionStrings["NWS_ScheduleSQL2000"].ConnectionString;int ImageID = Convert.ToInt32(context.Request.QueryString["id"]);SqlConnection myConnection = new SqlConnection(connectionString);string Command = "SELECT [Image], Image_Type FROM Images WHERE Image_Id=@Image_Id";SqlCommand cmd = new SqlCommand(Command, myConnection);cmd.Parameters.Add("@Image_Id", System.Data.SqlDbType.Int).Value = ImageID;SqlDataReader dr;myConnection.Open(); cmd.Prepare(); dr = cmd.ExecuteReader();if (dr.Read()){ //WRITE IMAGE TO THE BROWSERcontext.Response.ContentType = dr["Image_Type"].ToString();context.Response.BinaryWrite((byte[])dr["Image"]);}myConnection.Close();}public bool IsReusable {get {return false;}}}'>'>
<a href='<%# "HandlerDocument.ashx?id=" + Eval("Doc_ID") %>'>File
</a>- Click on this link, I'll be able to download or view the file WHAT I WANT TO DO, BUT HAVE PROBLEM:- I would like to be able to read CONTENT of this file and load it in a string as belowStreamReader SR = new StreamReader()SR = File.Open("File.txt");String contentText = SR.Readline();txtBox.text = contentText;BUT THIS ONLY WORK FOR files in the server.I would like to be able to read FILE CONTENTS from SQL Server.PLEASE HELP. I really appreciate it.
View 1 Replies
View Related
Mar 17, 2008
I have a query that executes just fine except that it won't recognize varchar(255) ( or any other value within the () ) and if I leave it off like this: varchar, then it executes but it leaves that value as 1 and that is just not very useful for my purposes. This also happens with anything else that requires () to add length such as char(), or nvarchar(), etc... Any ideas?
View 1 Replies
View Related
Jun 27, 2014
i have a database which get refreshed every day from client's data . and we need to pull heavy data from them every day as reports . so only selects happens on that database.
we do daily population of some table in some other databases from this daily refreshed DB.
will read uncommitted or NOLOCK with select queries to retrieve data faster.
there will be no dirty read as there are NO DML operation in that database so for SELECT which happens concurrently on these tables , will NOLOCK work?
View 2 Replies
View Related
Aug 15, 2014
Can a user of db owner role of a database change the databse option to read only and read-write?If not what permission I need to grant to the user?
View 1 Replies
View Related
Jul 23, 2005
Is it possible to set READ UNCOMMITTED to a user connecting to an SQL2000 server instance? I understand this can be done via a front endapplication. But what I am looking to do is to assign this to aspecific user when they login to the server via any entry application.Can this be set with a trigger?
View 1 Replies
View Related
Mar 12, 2004
OK, I'm using VS2003 and I'm having trouble. The page works perfectly when I created it with WebMatrix but I want to learn more about creating code behind pages and this page doesn't work. I think it has some things to do with Query builder but I can't seem to get change outside "please register". I have the table populated and it is not coming back with "login successful" or "password wrong" when I've entered correct information. Enclosed is what I've done in VS2003. Can you see where my error is? Any help would be greatly appreciated.
Thanks again.
Imports System.data.sqlclient
Imports System.Data
Public Class login2
Inherits System.Web.UI.Page
#Region " Web Form Designer Generated Code "
'This call is required by the Web Form Designer.
<System.Diagnostics.DebuggerStepThrough()> Private Sub InitializeComponent()
Me.SqlConnection1 = New System.Data.SqlClient.SqlConnection
Me.SqlCommand1 = New System.Data.SqlClient.SqlCommand
'
'SqlConnection1
'
Me.SqlConnection1.ConnectionString = "server=LAWORKSTATION;user id=sa;database=test;password=t3st"
'
'SqlCommand1
'
Me.SqlCommand1.CommandText = "SELECT pass FROM Customer WHERE (email = 'txtusername.text')"
Me.SqlCommand1.Connection = Me.SqlConnection1
End Sub
Protected WithEvents lblUsername As System.Web.UI.WebControls.Label
Protected WithEvents lblPassword As System.Web.UI.WebControls.Label
Protected WithEvents txtUsername As System.Web.UI.WebControls.TextBox
Protected WithEvents txtPassword As System.Web.UI.WebControls.TextBox
Protected WithEvents btnSubmit As System.Web.UI.WebControls.Button
Protected WithEvents lblMessage As System.Web.UI.WebControls.Label
Protected WithEvents SqlConnection1 As System.Data.SqlClient.SqlConnection
Protected WithEvents SqlCommand1 As System.Data.SqlClient.SqlCommand
'NOTE: The following placeholder declaration is required by the Web Form Designer.
'Do not delete or move it.
Private designerPlaceholderDeclaration As System.Object
Private Sub Page_Init(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Init
'CODEGEN: This method call is required by the Web Form Designer
'Do not modify it using the code editor.
InitializeComponent()
End Sub
#End Region
Private Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
'Put user code to initialize the page here
End Sub
Private Sub btnSubmit_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnSubmit.Click
SqlConnection1.Open()
Dim dr As SqlDataReader = SqlCommand1.ExecuteReader
If dr.Read() Then
If dr("password").ToString = txtPassword.Text Then
lblMessage.Text = "login successful"
Else
lblMessage.Text = "Wrong password"
End If
Else
lblMessage.Text = "Please register"
End If
dr.Close()
SqlConnection1.Close()
End Sub
End Class
View 8 Replies
View Related
Dec 4, 2014
I use from sql server 2008. and c#
what is the best connectionstring?
I don't know if i use Persist Security Info and Integrated Security or not?
And if yes then their value must be true or false?
View 1 Replies
View Related
Oct 14, 2005
Hello there I have trying to figure out for days how to enable FullTrust for my Reporting Services security extension.
View 9 Replies
View Related
Jul 31, 2007
Hi,
I have posted this issue for a week, haven't got any reply yet, I posted it again and desperately need your help.
The article http://msdn2.microsoft.com/en-us/library/ms365343.aspx says:
Model Item Security can be set for differnt security filters, but when I use SQL Server Management Studio to set Model Item Security, it seems "Permissions" property surpass "Model Item Security" property. -- My report server is using Custom Authentication.
For example, in "Permissions" property of the model, if I checked "Use these roles for each group or user account" without setting any user or group, no matter what users I added to "Model Item Security" with "Secure individual model items independently for this model" checked, NO one user can see the model on report manager and report builder;
in above situation, if I added "user1" and gave role such as "Browser" role to "user1" in "Permissions" property, if I checked "Secure individual model items independently for this model" in "Model Item Security" property, even I did NOT grant "user1" to root model and any entities under the model, the "user1" is able to access the model and all entities in report builder.
My question is on the same report model, how to set "AdminFilter" (empty security filter) for administrator permissions and set "GeneralFilter" (filtered on UserID) for general user based on their UserID?
The article also says:
"Security filters are always applied, even for users who have Content Manager or Administrator permissions to the model. To allow administrators or other users to see all rows of an entity on which row-level security is defined, you can create an empty security filter (which always returns True) and then use the filter to grant those users access to all the rows."
So I defined 2 filters "GeneralFilter" and "AdminFilter" for "Staff" entity for my report model "SSRSModel", I expect after I deployed the report model, the administrator users use report builder to build reports with all rows available, and the non-admin users can only see rows based on their UserID.
I can only get one result at a time but not both:
either the rows are filtered or not filtered at all, no matter how I set the "SecurityFilter" for the entity: I tried setting both "AdminFilter" and "GeneralFilter" for SecurityFilter at the same time, combination of "DefaultSecurityFilter" and "SecurityFilter", or one at a time.
Your help is highly appreciated!
Desperate developer
View 1 Replies
View Related
Aug 26, 2006
hello all member
View 14 Replies
View Related
