microsoft sql server 2000
Microsoft SQL Server 2000 SP2 Update
This brings you the latest update to SQL Server 2000 Service Pack 2 (SP2) more>>
Microsoft SQL Server 2000 SP2 Update brings you the latest update to SQL Server 2000 Service Pack 2 (SP2) which can address specific issues that were discovered in SQL Server 2000 since its ship date.
Because SQL Server Service Packs are cumulative, SP2 includes all fixes from previously released Service Pack 1 (SP1), and can be applied to an original installation or to one where Service Pack 1 (SP1) was previously applied.
Microsoft SQL Server 2000 service pack is an advanced program which satisfies you with updates and bugfixesMicrosoft - FIX: Local Connection Attempt Fails When Windows NT Server Name is Mixed Case. Microsoft SQLMicrosoft SQL Server 2000 Patch: Malformed RPC Req
Hotfix installer for malformed RPC request can cause service failure more>> This is a SQL Server 2000 security patch for "Q298012 - Malformed RPC Request Can Cause Service Failure". For More Information<<less
Microsoft SQL Server 2000 Patch: Prevents Inapprop
Prevents a login from having inappropriate data access rights more>> Logins that use the SQL Server Authentication (Standard) security mode with a particular query method used to access data from an OLE-DB data source may allow rights that the login might not normally have.<<less
Microsoft SQL Server 2000 Patch: Inappropriate Log
Prevents a login from having inappropriate data access rights more>> Logins that use the SQL Server Authentication (Standard) security mode with a particular query method used to access data from an OLE-DB data source may allow rights that the login might not normally have.<<less
Microsoft SQL Server 2000 Patch: Potential Query S
If you are running Microsoft SQL Server English Query applications or Model testing English Query applications with Microsoft Visual Studio, you should apply the English Query update to ensure the more>> If you are running Microsoft SQL Server English Query applications or Model testing English Query applications with Microsoft Visual Studio, you should apply the English Query update to ensure the most robust English Query server configuration.<<less
Microsoft SQL Server 2000 Patch: Extended Stored P
This patch eliminates a security vulnerability in Microsoft? SQL Server? 7.0 and Microsoft SQL Server 2000 more>> This patch eliminates a security vulnerability in Microsoft? SQL Server? 7.0 and Microsoft SQL Server 2000. The flaw in SQL Server might allow a memory buffer allocated on the stack to be overwritten with arbitrary data, potentially allowing an attacker to execute arbitrary code in the SQL Server process space. This arbitrary code might be used for purposes as simple as shutting down the server to as complex as spawning a different process that might be used to take control of the server.<<less
Microsoft SQL Server 2000 - Text Formatting Functi 354983
Previously published under Q304850. SQL Server 2000 provides a number of functions that enable database queries to generate text messages more>> Previously published under Q304850.
SQL Server 2000 provides a number of functions that enable database queries to generate text messages. In some cases, the functions create a text message and store it in a variable; in others, the functions directly display the message. A vulnerability has been discovered with these functions.
Use of an invalid format type character may allow SQL Server to overwrite an internal buffer that may overwrite an address in the SQL Server process space with arbitrary data. If SQL Server overwrites an address in the SQL Server process space with arbitrary data, SQL Server may potentially allow you to execute arbitrary code within SQL Server or the SQL Server process may abnormally terminate.
<<lessMicrosoft SQL Server 2000 Remote Data Source Funct Q316333
One of the features of Structured Query Language (SQL) in SQL Server 7.0 and 2000 is the ability to connect to remote data sources more>> One of the features of Structured Query Language (SQL) in SQL Server 7.0 and 2000 is the ability to connect to remote data sources. One capability of this feature is the ability to use ?ad hoc? connections to connect to remote data sources without setting up a linked server for less-often used data-sources. This is made possible through the use of OLE DB providers, which are low-level data source providers. This capability is made possible by invoking the OLE DB provider directly by name in a query to connect to the remote data source.
An unchecked buffer exists in the handling of OLE DB provider names in ad hoc connections. A buffer overrun could occur as a result and could be used to either cause the SQL Server service to fail, or to cause code to run in the security context of the SQL Server. SQL Server can be configured to run in various security contexts, and by default runs as a domain user. The precise privileges the attacker could gain would depend on the specific security context that the service runs in.
An attacker could exploit this vulnerability in one of two ways. They could attempt to load and execute a database query that calls one of the affected functions. Conversely, if a web-site or other database front-end were configured to access and process arbitrary queries, it could be possible for an attacker to provide inputs that would cause the query to call one of the functions in question with the appropriate malformed parameters.
<<lessMicrosoft SQL Server 2000 Patch: Malformed RPC Request Update
Microsoft SQL Server 2000 Patch: Malformed RPC Request Update is created to be a SQL Server 2000 security patch for Q298012 - Malformed RPC Request Can Cause Service Failure. more>>
Microsoft SQL Server 2000 Patch: Malformed RPC Request Update is created to be a SQL Server 2000 security patch for "Q298012 - Malformed RPC Request Can Cause Service Failure".
Microsoft SQL Server 2000 Service Pack 1 Database Components 1.0
Get the latest fixes for Microsoft SQL Server 2000. more>>
Microsoft SQL Server 2000 Service Pack 1 Database Components 1.0 is a useful software which addresses specific issues that were discovered in SQL Server 2000 since its ship date.
SP1 for SQL Server 2000 is provided in three parts to reduce the size of downloads: Database Components, Analysis Services Components, and Desktop Engine (MSDE).
Requirements:
- Supported Operating Systems: Windows 2000 Advanced Server; Windows 2000 Professional Edition ; Windows 2000 Server; Windows Server 2003, Datacenter x64 Edition; Windows Server 2003, Enterprise x64 Edition; Windows Server 2003, Standard x64 Edition; Windows Small Business Server 2003 ; Windows XP Home Edition ; Windows XP Media Center Edition; Windows XP Professional Edition
- PC with Intel or compatible Pentium 166 MHz or higher processor
- Minimum of 64 MB of RAM (128 MB or more recommended)
- 100 MB of available hard disk space for new install of MSDE
Microsoft SQL Server 2000 Patch: Potential Query Security Issue Update
Microsoft SQL Server 2000 Patch: Potential Query Security Issue Update is a reliable and useful live update module if you are running Microsoft SQL Server English Query applications or Model testing English Query applications with Microsoft Visual Studio. more>>
Microsoft SQL Server 2000 Patch: Potential Query Security Issue Update is a reliable and useful live update module if you are running Microsoft SQL Server English Query applications or Model testing English Query applications with Microsoft Visual Studio. You should apply the English Query update to ensure the most robust English Query server configuration.
Microsoft SQL Server 2000 Service Pack 1 Analysis Services Components 1.0
Get the latest fixes for Microsoft SQL Server 2000. more>>
Microsoft SQL Server 2000 Service Pack 1 Analysis Services Components 1.0 is a useful software which is created to address specific issues that were discovered in SQL Server 2000 since its ship date.
SP1 for SQL Server 2000 is provided in three parts to reduce the size of downloads: Database Components, Analysis Services Components, and Desktop Engine (MSDE).
WareSeeker Editor
Microsoft SQL Server 2000 Patch: Extended Stored Procedures Vulnerability Update
Microsoft SQL Server 2000 Patch: Extended Stored Procedures Vulnerability Update offers you a patch designed to eliminate a security vulnerability in Microsoft® SQL Server® 7.0 and Microsoft SQL Server 2000. more>> <<less
Microsoft SQL Server 2000 - Text Formatting Functions Contain Unchecked Buffers 354983
Microsoft SQL Server 2000 - Text Formatting Functions Contain Unchecked Buffers is the security fix which is previously published under Q304850. more>>
Microsoft SQL Server 2000 - Text Formatting Functions Contain Unchecked Buffers 354983 is the security fix which is previously published under Q304850.
SQL Server 2000 provides a number of functions that enable database queries to generate text messages. In some cases, the functions create a text message and store it in a variable; in others, the functions directly display the message. A vulnerability has been discovered with these functions.
Use of an invalid format type character may allow SQL Server to overwrite an internal buffer that may overwrite an address in the SQL Server process space with arbitrary data. If SQL Server overwrites an address in the SQL Server process space with arbitrary data, SQL Server may potentially allow you to execute arbitrary code within SQL Server or the SQL Server process may abnormally terminate.
Microsoft SQL Server 2000 Remote Data Source Function Contains Unchecked Buffers Q316333
Microsoft SQL Server 2000 Remote Data Source Function Contains Unchecked Buffers is a professional and smart program which can connect to remote data sources. more>>
Microsoft SQL Server 2000 Remote Data Source Function Contains Unchecked Buffers Q316333 is a professional and smart program which can connect to remote data sources.
One capability of this feature is the ability to use ad hoc connections to connect to remote data sources without setting up a linked server for less-often used data-sources. This is made possible through the use of OLE DB providers, which are low-level data source providers. This capability is made possible by invoking the OLE DB provider directly by name in a query to connect to the remote data source.
An unchecked buffer exists in the handling of OLE DB provider names in ad hoc connections. A buffer overrun could occur as a result and could be used to either cause the SQL Server service to fail, or to cause code to run in the security context of the SQL Server. SQL Server can be configured to run in various security contexts, and by default runs as a domain user. The precise privileges the attacker could gain would depend on the specific security context that the service runs in.
An attacker could exploit this vulnerability in one of two ways. They could attempt to load and execute a database query that calls one of the affected functions. Conversely, if a web-site or other database front-end were configured to access and process arbitrary queries, it could be possible for an attacker to provide inputs that would cause the query to call one of the functions in question with the appropriate malformed parameters.
