MSSQLServer查詢有效性檢查漏洞

字號:

受影響系統(tǒng):
    Microsoft Data Engine 1.0
    - Microsoft Visual Studio 6.0
    - Microsoft Windows NT 4.0
    - Microsoft Access 2000
    + Microsoft Office 2000
    - Microsoft Windows 98
    - Microsoft Windows 95
    - Microsoft Windows NT 4.0
    - Microsoft Windows NT 2000.0
    Microsoft SQL Server 7.0
    - Microsoft Windows NT 4.0
    - Microsoft BackOffice 4.5
    - Microsoft Windows NT 4.0
    描述:
    by Microsoft Security Bulletin
    Microsoft SQL Serve 7.0和Data Engine(數(shù)據(jù)引擎)接收SQL查詢時有可能造成數(shù)據(jù)庫或系統(tǒng)被入侵。任何經(jīng)過SQL驗證的用戶都有可能能夠通過SQL SELECT命令以數(shù)據(jù)擁有者或管理員權限執(zhí)行命令。
    建議:
    Microsoft公司提供以下安全補丁:
    Microsoft Data Engine 1.0:
    Microsoft patch s70780a (Alpha Version)
    http://www.microsoft.com/downloads/release.asp?ReleaseID=19132
    Microsoft patch s70780i (Intel Version)
    http://www.microsoft.com/downloads/release.asp?ReleaseID=19132
    Microsoft SQL Server 7.0:
    Microsoft patch s70780a (Alpha Version)
    http://www.microsoft.com/downloads/release.asp?ReleaseID=19132
    Microsoft patch s70780i (Intel Version)
    http://www.microsoft.com/downloads/release.asp?ReleaseID=19132