Here is an ISS knowledge base article on how to check the version of MDAC running on a machine.
https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_sid=K1jGD fvg&p_lva=&p_faqid=922&p_created=1017412434&p_sp=cF9ncmlkc29ydD0mcF9yb3dfY25 0PTk4NiZwX3NlYXJjaF90ZXh0PU1EQUMgdmVyc2lvbiZwX3NlYXJjaF90eXBlPTMmcF9wcm9kX2x 2bDE9fmFueX4mcF9wcm9kX2x2bDI9fmFueX4mcF9jYXRfbHZsMT1_YW55fiZwX3NvcnRfYnk9ZGZ sdCZwX3BhZ2U9MQ**&p_li= While we are on this subject, I found that Real Secure ships with MDAC 2.6 which is vulnerable to the BO. Has anybody attempt to upgrade to MDAC to 2.7 on their Workgroup Manager and have it running without problems? Regards Gabriel Li, Information Security One (Hong Kong) Limited Suite 1903, Chinachem Exchange Square, 1 Hoi Wan Street, Quarry Bay Hong Kong -----Original Message----- From: Sopatyk, Donna [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 26, 2002 1:29 AM To: [EMAIL PROTECTED] Subject: [ISSForum] Version of MDAC on ISS Microsoft Data Access Components contain a buffer overflow that could lead to code execution in MSIE and on vulnerable IIS servers. I wanted to inquire about what version System Scanner is for the MDAC service. I know there was an update lately on it, but I don't know where to check to see what version it is currently at. Thanks Donna Sopatyk EDS _______________________________________________ ISSForum mailing list [EMAIL PROTECTED] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo _______________________________________________ ISSForum mailing list [EMAIL PROTECTED] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo
