Reported August 07, 2002, by
Microsoft.
VERSION AFFECTED
Microsoft
Content Management Server 2001
DESCRIPTION
Three
new vulnerabilities exist in Content Management Server 2001, the most serious of
which could give an attacker full control over the server. These three
vulnerabilities consist of a buffer overrun in a low-level function that
performs user authentication, a SQL injection vulnerability, and two flaws that
affect a function that could let a user upload files to the server.
VENDOR
RESPONSE
The
vendor, Microsoft, has released Security
Bulletin MS02-041
(Unchecked Buffer in Content Management Server Could Enable Server Compromise)
to address this vulnerability and recommends that affected users download and
apply the appropriate patch mentioned in the security bulletin.
CREDIT
Discovered by Joao
Gouveia.
Multiple Vulnerabilities in Microsoft Content Management Server 2001
0 comments
Hide comments