Five Microsoft Security Bulletins Released

Microsoft was pretty active in the past few days – they released five security bulletins dealing with the following products: SQL Server 2000, Windows Media Player, Microsoft Metadirectory and Microsoft Exchange 5.5 security issues.

Microsoft Security Bulletin MS02-039
Buffer Overruns in SQL Server 2000 Resolution Service Could Enable Code Execution
http://www.net-security.org/advisory.php?id=876

SQL Server 2000 introduces the ability to host multiple instances of SQL Server on a single physical machine. Each instance operates for all intents and purposes as though it was a separate server. However, the multiple instances cannot all use the standard SQL Server session port (TCP 1433). While the default instance listens on TCP port 1433, named instances listen on any port assigned to them. The SQL Server Resolution Service, which operates on UDP port 1434, provides a way for clients to query for the appropriate network endpoints to use for a particular SQL Server instance.

Microsoft Security Bulletin MS02-032
Cumulative Patch for Windows Media Player (Version 2.0)
http://www.net-security.org/advisory.php?id=875

On June 26, 2002, Microsoft released the original version of this bulletin, which described the patch it provided as being cumulative. We subsequently discovered that a file had been inadvertently omitted from the patch. While the omission had no effect on the effectiveness of the patch against the new vulnerabilities discussed below, it did mean that the patch was not cumulative. Specifically, the original patch did not include all of the fixes discussed in Microsoft Security Bulletin MS01-056. We have repackaged the patch to include the file and are re-releasing it to ensure that it truly is cumulative.

Microsoft Security Bulletin MS02-038
Cumulative Patch for SQL Server 2000 Service Pack 2
http://www.net-security.org/advisory.php?id=874

This patch eliminates two newly discovered vulnerabilities affecting SQL Server 2000 and MSDE 2000

Microsoft Security Bulletin MS02-037
Server Response To SMTP Client EHLO Command Results In Buffer Overrun
http://www.net-security.org/advisory.php?id=873

The Internet Mail Connector (IMC) enables Microsoft Exchange Server to communicate with other mail servers via SMTP. When the IMC receives an SMTP extended Hello (EHLO) protocol command from a connecting SMTP server, it responds by sending a status reply that starts with the following: 250 Exchange server ID Hello Connecting server ID

Microsoft Security Bulletin MS02-036
Authentication Flaw in Microsoft Metadirectory Services Could Allow Privilege Elevation
http://www.net-security.org/advisory.php?id=872

Microsoft Metadirectory Services (MMS) is a centralized metadirectory service that provides connectivity, management, and interoperability functions to help unify fragmented directory and database environments. It enables enterprises to link together disparate data repositories such as Exchange directory, Active Directory, third-party directory services, and proprietary databases, for the purpose of ensuring that the data in each is consistent, accurate, and can be centrally managed.