Microsoft has issued five security bulletins for its products with warnings that the most serious of its security flaws could allow an attacker to take over the database functions of SQL Server 2000.
The five advisories have been released for vulnerabilities discovered in SQL Server 2000, Microsoft Exchange Server and Metadirectory Services 2.2.
Two buffer overruns in SQL Server 2000 Server Resolution Service are the most serious of the vulnerabilities. These could allow an attacker to completely compromise a server and its data without authentication.
The third threat comes from a denial of service vulnerability. Microsoft said SQL uses a keep-alive mechanism to distinguish between active and passive instances. But it is possible to create a keep-alive packet that, when sent to the Resolution Service, would cause SQL Server 2000 to respond in a similar fashion.
An attacker who creates such a packet, spoofs the source address and sends it to an SQL Server 2000 system could cause the two systems to enter a never-ending cycle of keep-alive packet exchanges, Microsoft warned.
Less serious are two flaws in utilities for database consistency checks and database replication found in Microsoft Exchange Server and Metadirectory Services 2.2.
These flaws lie in the way the server responds to "extended Hello" SMTP messages from other servers. Under certain conditions, an attacker could overflow a buffer in the Internet Mail Connector and have the ability to execute code on the server.
Patches for the above flaws are available at Microsoft's TechNet website,here.
Molybdenum ditelluride is a two-dimensional material that can be easily stacked into multiple layers to create a memory cell
New light-guiding nanoscale device can control and monitor a nanoparticle trapped in a laser beam with high sensitivity
Optical traps are scientific instruments in which a focused laser beam is used to exert an attractive or repulsive force on a microscopic object to hold it in place
Scientists estimate that the exoplanet has already lost up to 35 per cent of its mass over its lifetime
The observations were made using the Atacama Array in the Chilean desert