Welcome to TechNet Blogs Sign in | Join | Help

Browse by Tags

All Tags » SQL   (RSS)
Wednesday, September 02, 2009 4:31 PM

SQL Server information disclosure non-vulnerability

We’ve gotten some questions about a reported issue with SQL Server exposing plaintext user passwords. We investigated the issue and found that attackers would need administrative control of a SQL Server to extract passwords from it . We checked with the
Posted by swiblog | (Comments Off)
Filed under: ,
Monday, December 22, 2008 10:13 AM

More information about the SQL stored procedure vulnerability

Security Advisory 961040 provides mitigations and workarounds for a newly-public post-authentication heap buffer overrun in SQL Server, MSDE, and SQL Express. This blog post goes into more detail about the attack surface for each affected version and
Posted by swiblog | (Comments Off)
 
Page view tracker