CPE: McAfee AudioParasitic: Episode 38 M$ Sec bulletin
length: 00:11:01
MS08-039: vulnerabilities
in Outlook Web Access (OWA) for Microsoft Exchange Server.
MS08-038: Windows Explorer that could allow remote code
execution when a specially crafted saved-search file is opened and saved.
Affecting Windows Vista and Windows Server 2008.
MS08-037: vulnerabilities in the Windows Domain Name
System (DNS) that could allow spoofing. These vulnerabilities exist in both the
DNS client and DNS server and could allow a remote attacker to redirect network
traffic intended for systems on the Internet to the attacker’s own systems.
DNS insufficient socket entropy vulnerability
MS08-040: Vulnerabilities in Microsoft SQL Server Could
Allow Elevation of Privilege –pretty wide OS range
Buffer over run vul – convert function
Memory corruption
Mostly sql injection – not coding flaw
Not platform independent
Issue with query language itself.
0 Comments:
Post a Comment
Subscribe to Post Comments [Atom]
<< Home