Internet Security Systems Security Brief
November 21, 2002

Microsoft MDAC Remote Compromise Vulnerability

Synopsis:

Microsoft has released a security bulletin detailing a vulnerability in Microsoft MDAC technology. MDAC or Microsoft Data Access Components is a core component of the Windows operating system and Microsoft IIS (Internet Information Server). MDAC provides database connectivity to Microsoft clients and servers. A buffer overflow flaw exists within the RDS (Remote Data Services) component of MDAC.

Impact:

ISS X-Force defines this issue as "High Risk". Remote attackers can take advantage of this vulnerability to gain "System" level privileges on vulnerable IIS installations. However, X-Force believes the scope of the issue and the estimated number of vulnerable systems has been exaggerated. While MDAC is enabled by default, RDS features are not accessible on default Windows 2000 installations running IIS. There are also significant mitigating factors in place to limit exploitation of this issue by way of email clients or Web browsers.

Affected Versions:

MDAC 2.1
MDAC 2.5
MDAC 2.6
Internet Explorer 5.01
Internet Explorer 5.5
Internet Explorer 6.0

Note: Windows XP users are not at risk. Windows XP is shipped with MDAC version 2.7 and it is not affected. Email users of Outlook 98 or Outlook 2000 and the Outlook Email Security Update are not affected. Email users of Outlook 6 or Outlook 2002 are also not affected.

For the complete ISS X-Force Security Alert, please visit:
http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21521

______

About Internet Security Systems (ISS)

Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a pioneer and world leader in software and services that protect critical online resources from an ever-changing spectrum of threats and misuse. Internet Security Systems is headquartered in Atlanta, GA, with additional operations throughout the Americas, Asia, Australia, Europe and the Middle East.

Copyright (c) 2002 Internet Security Systems, Inc.
All rights reserved worldwide.

Permission is hereby granted for the electronic redistribution of this document. It is not to be edited or altered in any way without the express written consent of the Internet Security Systems X-Force. If you wish to reprint the whole or any part of this document in any other medium excluding electronic media, please email [EMAIL PROTECTED] for permission.

Disclaimer: The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

X-Force PGP Key available on MIT's PGP key server and PGP.com's key server, as well as at http://www.iss.net/security_center/sensitive.php

Please send suggestions, updates, and comments to: X-Force [EMAIL PROTECTED] of Internet Security Systems, Inc.
