Over 1 million tech questions and answers.

Unchecked Buffer in Content Management Server Could Enable Server Compromise: Aug 7

Q: Unchecked Buffer in Content Management Server Could Enable Server Compromise: Aug 7

Hiya

Microsoft Content Management Server (MCMS) 2001 is a .Net Enterprise
Server product that simplifies developing and managing e-business
web sites. Microsoft has learned of three security vulnerabilities
affecting it:

- A buffer overrun in a low-level function that performs user
authentication. At least one web page included with MCMS 2001
passes inputs directly to the function, thereby potentially
providing a way for an attacker to overrun the buffer. The
result of exploiting the vulnerability would be to either
cause MCMS to fail, or run code in the context of the MCMS
service (which runs as Local System).

- A vulnerability resulting from the confluence of two flaws
affecting a function that allows files to be uploaded to the
server. The first flaw lies in how the function authenticates
requests, and would allow any user to submit an upload request.
The second results because it is possible to override the upload
location; where the function should upload files to a folder that
only privileged users can access, it can be overridden to upload
it to a temporary folder that does allow unprivileged users to
call it. By exploiting the two flaws in tandem, an attacker
could upload an .ASP or other file to the server, in a location
from which it could be executed.

- A SQL injection vulnerability affecting a function that services
requests for image files and other resources. Exploiting the
vulnerability could enable an attacker to run SQL commands on the
server, which would not only allow data in the MCMS database to
be added, changed or deleted, but also would enable the attacker
to run operating system commands on the server.
Maximum Severity Rating: Critical

Affected Software:

Microsoft Content Management Server 2001
Download locations for this patch

Microsoft Content Management Server 2001:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=41266

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms02-041.asp

Regards

eddie

Read other answers
RELEVANCY SCORE 200
Preferred Solution: Unchecked Buffer in Content Management Server Could Enable Server Compromise: Aug 7

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

RELEVANCY SCORE 171.6

Hiya

The Microsoft Data Access Components (MDAC) provide a number of
supporting technologies for
accessing and using databases. Included among these functions is the
underlying support for
the T-SQL OpenRowSet command. A security vulnerability results
because the MDAC functions
underlying OpenRowSet contain an unchecked buffer.

An attacker who submitted a database query containing a specially
malformed parameter within
a call to OpenRowSet could overrun the buffer, either for the purpose
of causing the SQL
Server to fail or causing the SQL Server service to take actions
dictated by the attacker.

Maximum Severity Rating: Moderate

Affected Software:

Microsoft Data Access Components 2.5
Microsoft Data Access Components 2.6
Microsoft Data Access Components 2.7
Download locations for this patch
MDAC 2.5:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=41076

MDAC 2.6:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=41077

MDAC 2.7:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=41072
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms02-040.asp

Regards

eddie
 

Read other answers
RELEVANCY SCORE 149.6

Hiya

Microsoft Windows 2000 supports the World Wide Web Distributed
Authoring and Versioning (WebDAV) protocol. WebDAV, defined in
RFC 2518, is a set of extensions to the Hyper Text Transfer
Protocol (HTTP) that provide a standard for editing and file
management between computers on the Internet. A security
vulnerability is present in a Windows component used by WebDAV,
and results because the component contains an unchecked buffer.

An attacker could exploit the vulnerability by sending a
specially formed HTTP request to a machine running Internet
Information Server (IIS). The request could cause the server to
fail or to execute code of the attacker's choice. The code would
run in the security context of the IIS service (which, by
default, runs in the LocalSystem context).

Although Microsoft has supplied a patch for this vulnerability
and recommends customers install the patch immediately,
additional tools and preventive measures have been provided that
customers can use to block the exploitation of this vulnerability
while they are assessing the impact and compatibility of the
patch. These temporary workarounds and tools are discussed in the
"Workarounds" section in the FAQ below.
Maximum Severity Rating: Critical

Affected Software:

Microsoft Windows 2000

Download locations for this patch Microsoft Windows 2000:
The patch for Windows 2000 is available at the following location:
All except Japanese NEC

Japanese NEC

http://ww... Read more

A:Unchecked Buffer In Windows Component Could Cause Web Server Compromise: Mar 17

Hiya

V2.0 (April 23, 2003): Updated to include details of NT 4.0 patch

Microsoft Windows NT 4.0:
All except NEC and Chinese - Hong Kong

Japanese NEC - to follow

Chinese - Hong Kong

Windows NT 4.0, Terminal Server Edition:
All
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-007.asp
Regards

eddie
 

Read other 2 answers
RELEVANCY SCORE 148

Hiya

By default, Commerce Server 2000 installs a .dll with an ISAPI
filter that allows the server to provide extended functionality in
response to events on the server. This filter, called AuthFilter,
provides support for a variety of authentication methods.
Commerce Server 2000 can also be configured to use other
authentication methods.

A security vulnerability results because AuthFilter contains an
unchecked buffer in a section of code that handles certain types
of authentication requests. An attacker who provided
authentication data that overran the buffer could cause the
Commerce Server process to fail, or could run code in the
security context of the Commerce Server process. The
process runs with LocalSystem privileges, so exploiting the
vulnerability would give the attacker complete control of
the server.

Affected Software:

Microsoft Commerce Server 2000

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms02-010.asp

Regards

eddie
 

Read other answers
RELEVANCY SCORE 94.8

Hiya

WoodgroveASP Sample Site

This sample demonstrates how to build a Microsoft Content Management Server 2002 Web site in ASP.

System Requirements
Supported Operating Systems: Windows 2000

Microsoft Content Management Server 2002

http://www.microsoft.com/downloads/...ab-8f56-4ddd-b0ab-092107ed1a85&DisplayLang=en

Woodgrove International Sample Site

This sample demonstrates three different ways to build a multilingual Web site using Microsoft Content Management Server 2002

System Requirements
Supported Operating Systems: Windows 2000

Microsoft Content Management Server 2002

http://www.microsoft.com/downloads/...42-b0d5-4866-9c73-2a52598c91dd&DisplayLang=en

Woodgrove Intranet Sample Site

This sample demonstrates how to build a framed Intranet site with Microsoft Content Management Server 2002.

System Requirements
Supported Operating Systems: Windows 2000

Microsoft Content Management Server 2002

http://www.microsoft.com/downloads/...80-0d16-4275-895c-414ed5a9299b&DisplayLang=en

WoodgroveNetVB Sample Site

This sample demonstrates how to use Visual Basic .NET to build a site with Microsoft Content Management Server 2002

System Requirements
Supported Operating Systems: Windows 2000

Microsoft Content Management Server 2002
http://www.microsoft.com/downloads/...6c-f2b2-4ed0-a209-54f3ee35322a&DisplayLang=en

Regards

eddie
 

Read other answers
RELEVANCY SCORE 93.6

Hiya

Bit late, but then I do have an excuse

This Service Pack (SP1) is an update for the production version of Content Management Server 2001 and is not supported for the Evaluation Edition of Microsoft Content Management Server.

System Requirements

Server
Microsoft Content Management Server 2001
Microsoft Windows® 2000 Server, Advanced Server, or DataCenter Server
Microsoft SQL ServerTM 7.0 or 2000
Microsoft Internet Information Services (IIS) 5.0

Site Builder Client
Windows 2000 Professional, Server, Advanced Server, ME, or 98
Microsoft Internet Explorer 5.x

Operating System - Windows 2000

http://www.microsoft.com/downloads/release.asp?ReleaseID=35205&area=search&ordinal=1

Regards

eddie
 

Read other answers
RELEVANCY SCORE 93.6

Hiya

Issue:
======
Microsoft Content Management Server (MCMS) 2001 is an Enterprise
Server product that simplifies developing and managing E-Commerce
web sites. MCMS includes a number of pre-defined ASP web pages that
allow web site operators to quickly set up E-business websites.

A Cross-Site Scripting flaw exists in one of these ASP pages that
could allow an attacker to insert script into the data being sent
to a MCMS server. Because the server generates a web page in
response to a user request made using this page, it is possible that
the script could be embedded within the page that CMS generates and
returns to the user, this script would then run when processed by
the user's browser. This could result in an attacker being able to
access information the user shared with the legitimate site.

An attacker might attempt to exploit this flaw by crafting a
malicious link to a valid site that the user intended to visit.
If the attacker were able to get a user to click the link-most
likely by sending the link in an email-then it could be possible
for the attacker to take a variety of actions. The attacker could
alter the data that appeared to be contained on the web pages
presented by the legitimate site, monitor the user's session with
the legitimate site and copy personal data from the legitimate site
to a site under the attacker's control, or access the legitimate
site's cookies.

Mitigating Factors:
====================
- This flaw is not present in Mic... Read more

Read other answers
RELEVANCY SCORE 93.6

Hiya

The document discusses solutions and best practices for common challenges that Web site architects may face while deploying and/or integrating Authoring Connector into a Microsoft® Content Management Server (MCMS) 2002 environment. Using Authoring Connector, authors can quickly create and update content on the site with minimal knowledge of the site architecture or structure using tasks predefined by a site administrator.

System Requirements
Supported Operating Systems: Windows 2000

Microsoft Office
http://www.microsoft.com/downloads/...cf-7dfe-4ca0-b46d-2fb4b3cb66fd&DisplayLang=en

Regards

eddie
 

Read other answers
RELEVANCY SCORE 92.8

Hiya

Demonstrates how to plan your MCMS 2002 deployment to maximize performance, how to estimate site capacity with transaction cost analysis, and provides best practices and instructions for installing an MCMS 2002, 13-computer, 3-tier, sample, secure deployment that can easily be scaled out to meet the needs of your enterprise. Additionally, it provides troubleshooting tips and answers frequently asked questions about installing and using MCMS 2002.
System Requirements
Supported Operating Systems: Windows 2000 Service Pack 3

Microsoft Office

http://www.microsoft.com/downloads/...cb-bcdc-4f89-8b01-0918288ab795&DisplayLang=en

Regards

eddie
 

Read other answers
RELEVANCY SCORE 92.8

Hiya

Demonstrates how to plan your MCMS 2002 deployment to maximize performance, how to estimate site capacity with transaction cost analysis, and provides best practices and instructions for installing an MCMS 2002, 13-computer, 3-tier, sample, secure deployment that can easily be scaled out to meet the needs of your enterprise. Additionally, it provides troubleshooting tips and answers frequently asked questions about installing and using MCMS 2002

System Requirements
Supported Operating Systems: Windows 2000 Service Pack 3

Microsoft Office

http://www.microsoft.com/downloads/...24-c281-4fd6-966c-ac4c68106010&DisplayLang=en

Regards

eddie
 

Read other answers
RELEVANCY SCORE 92.8

Hiya

PDF

The Microsoft Content Management Server (MCMS) architecture is flexible, pluggable, and easily adaptable, allowing for a modular approach to building your Web site; for example, you can exchange outdated or under-performing modules for a preferred, more dynamic solution. In Integration Techniques and Strategies for Content Management Server 2002, we’ll examine a variety of integration options available to you when designing your Web sites. The methodology we present is simple, secure, and extendable. We take the WoodgroveNet sample site which shipped as a sample with MCMS 2002 and build integration components to show integration with search engines, workflow engines, authentication systems, and other software. Some techniques and strategies include:

Using the MCMS .NET-based managed APIs
Using the MCMS COM-based Site Deployment API
Creating user controls and dialog boxes within the Web Author
Creating custom placeholder controls in Microsoft Visual Studio® .NET
Creating components that communicate with each external system

You'll find that the integration components add many new features to the WoodgroveNet site, including the ability to search, extend the publishing workflow, change the authentication schema, add content such as Flash, and manage resources outside of MCMS.

System Requirements
Supported Operating Systems: Windows 2000, Windows 2000 Service Pack 2, Windows 2000 Service Pack 3, Windows Server 2003

Adobe Acrobat 4.0 Reader
http://www.micr... Read more

Read other answers
RELEVANCY SCORE 92.8

Hiya

MCMS 2002 SP1 contains a collection of hotfixes and security fixes, as well as added functionality for Windows Server 2003, Visual Studio .NET 2003, and .NET Framework 1.1.
Please be sure to read and review the SP1 documentation before installing SP1.

System Requirements
Supported Operating Systems: Windows 2000, Windows Server 2003

Microsoft Content Management Server 2002 must be installed before installing SP1.

Please see the SP1 documentation available from this page, as well as the MCMS 2002 Installation Guide on the Content Management Server Product Documentation Web page
for a full list of system requirements

http://www.microsoft.com/downloads/...27-b778-4c2a-8d06-95a7246b1a60&DisplayLang=en

Regards

eddie
 

Read other answers
RELEVANCY SCORE 92

Hiya

This is a collection of Questions and Answers about Microsoft® Content Management Server (MCMS). If you have feedback about one of these topics or would like to add information, please post your comments to the MCMS newsgroup.
System Requirements
Supported Operating Systems: Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows Server 2003

MCMS

http://www.microsoft.com/downloads/...a1-0452-4462-90ec-48ce352b7ac7&DisplayLang=en

Regards

eddie
 

A:Microsoft Content Management Server (MCMS) Frequently Asked Questions

Hi
Can help me, im beging with the content management server, can say me, how create a page default for navigate in my site and active the option of edit mode with C# or where can find information relating with content management server

Tanks
 

Read other 2 answers
RELEVANCY SCORE 92

Hiya

The Microsoft Content Management Server 2002 (MCMS) Web Author enables non-technical content contributors, who have the appropriate rights, to create and approve content on a Web site. Using the Web Author console, content contributors can update the Web site without leaving their Internet Explorer Web browser.

By modifying the code included in an MCMS project, you can easily customize the Web Author console to meet your business needs. For example, you can change the look of the Web Author console, remove actions, hide or show status messages, and create a new channel action.

This document describes the architecture of the Web Author console, and it explains how you can customize and extend the Web Author console for use with ASP.NET-based sites.

The examples in this document use the WoodgroveNet sample site, which is included on the MCMS product CD.

System Requirements
Supported Operating Systems: Windows 2000

Microsoft Office

http://www.microsoft.com/downloads/...2f-18ec-4bc4-b3b2-7e646f47ca60&DisplayLang=en

Regards

eddie
 

Read other answers
RELEVANCY SCORE 90.8

Hiya

This document describes how to build Web sites that support browsing by mobile devices. The Microsoft Mobile Internet Toolkit is used in examples that discuss guidelines and approaches in building multiple-device support into an MCMS site.

System Requirements
Supported Operating Systems: Windows 2000

Microsoft Office
http://www.microsoft.com/downloads/...b3-c4a6-43c5-9b39-ad563938f25a&DisplayLang=en

Regards

eddie
 

Read other answers
RELEVANCY SCORE 85.2

Hiya
This is a spoofing vulnerability that exists in the affected products and that could enable an attacker to spoof trusted Internet content. Users could believe they are accessing trusted Internet content when in reality they are accessing malicious Internet content, for example a malicious Web site. However, an attacker would first have to persuade a user to visit the attacker’s site to attempt to exploit this vulnerability.
Affected Software:

• Microsoft Proxy Server 2.0 Service Pack 1
• Microsoft Internet Security and Acceleration Server 2000 Service Pack 1 and Microsoft Internet Security and Acceleration Server 2000 Service Pack 2

Note The following software programs include Microsoft Internet Security and Acceleration Server 2000 (ISA Server 2000). Customers using these software programs should install the provided ISA Server 2000 security update.

• Microsoft Small Business Server 2000

• Microsoft Small Business Server 2003 Premium Edition

http://www.microsoft.com/technet/security/bulletin/ms04-039.mspx

eddie
 

Read other answers
RELEVANCY SCORE 83.2

Hiya

Emergency Management Services is a new feature in Microsoft Windows Server 2003 that supports remote management and system recovery for servers that are not accessible through a conventional connection. By using Emergency Management Services with other software and hardware components, you can remotely perform tasks such as recovering unresponsive servers and powering servers off and on, even when they are not accessible through a standard network connection. Emergency management services also supports headless servers—those without a local keyboard, monitor, or mouse. This document provides an overview of Emergency Management Services and its components. It explains how to choose and configure hardware and software that supports Emergency Management Services. It provides guidance for enabling Emergency Management Services, and information about using this technology to troubleshoot problems with remote servers.
System Requirements
Supported Operating Systems: Windows Server 2003

Only servers running a Windows Server 2003 operating system can be monitored using Emergency Management Services. For additional hardware and software requirements, please consult the chapter.

http://www.microsoft.com/downloads/...a6-97d2-448c-a0dd-4cfaa0be7d14&DisplayLang=en

Regards

eddie
 

Read other answers
RELEVANCY SCORE 82.8

Hiya

This document describes the monitoring scenarios that are supported by the Microsoft® SQL Server™ Management Pack Refresh and includes detailed instructions for configuring and tuning the Management Pack. This guide also includes reference information that lists the contents of the Management Pack, including reports, computer groups, scripts, default public views, and processing rule groups.
System Requirements
Supported Operating Systems: Windows 2000, Windows Server 2003, Windows XP

Run Microsoft Word to view the document.
http://www.microsoft.com/downloads/...b3-622a-4e2e-872e-08244565f254&DisplayLang=en

Regards

eddie
 

Read other answers
RELEVANCY SCORE 72.8

Hiya

ASP.NET is a collection of technologies that help developers to
build web-based applications. Web-based applications, including
those built using ASP.NET, rely on HTTP to provide connectivity.
One characteristic of HTTP as a protocol is that it is stateless,
meaning that each page request from a user to a site is reckoned
an independent request. To compensate for this, ASP.NET provides
for session state management through a variety of modes.

One of these modes is StateServer mode. This mode stores session
state information in a separate, running process. That process
can run on the same machine or a different machine from the
ASP.NET application. There is an unchecked buffer in one of the
routines that handles the processing of cookies in StateServer
mode. A security vulnerability results because it is possible
for an attacker to seek to exploit it by mounting a buffer
overrun attack. A successful attack could cause the ASP.NET
application to restart. As a result, all current users of
the web-based application would see their current session
restart and their current session information would be lost.

The StateServer mode is not the default mode for session
state management in ASP.NET. ASP.NET applications using
StateServer mode that do not use cookies are not vulnerable.

Maximum Severity Rating: Moderate

Affected Software:

Microsoft .NET Framework version 1.0, of which ASP.NET is a component

Download locations for this patch :

Microsoft .NET Framework version... Read more

Read other answers
RELEVANCY SCORE 72.4

Hiya
Networked, distributed computing environments require continuous maintenance, including the application of patches and fixes. The need to apply patches is not necessarily the result of flaws or deficiencies in operating systems or applications. Patches may be required to maintain a viable IT environment in the face of software updates, to block opportunities to exploit extended technologies, or to neutralize emerging security threats. These factors exist in all development and production environments. The critical question facing IT managers is how well their organizations will manage the inevitable patch management process.
This solution accelerator is designed to help consultants, partner organizations, and internal IT support staff develop a comprehensive patch management solution for their organizations
System Requirements

Supported Operating Systems: Windows 2000, Windows 2000 Service Pack 2, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows 95, Windows 98, Windows 98 Second Edition, Windows ME, Windows NT, Windows Server 2003, Windows XP

Microsoft Word is required to view the content.
http://www.microsoft.com/downloads/...ef-2d53-444c-b29b-31e9c169c5a5&DisplayLang=en

Regards

eddie
 

A:Patch Management Using Systems Management Server 2.0

unsticking
 

Read other 1 answers
RELEVANCY SCORE 71.2

Hiya

To allow for verification of the authenticity of mail messages,
Microsoft Outlook Express supports digital signing of
messages through S/MIME. A buffer overrun vulnerability lies in the
code that generates the warning message when a particular
error condition associated with digital signatures occurs.

By creating a digitally signed email and editing it to introduce
specific data, then sending it to another user, an attacker
could cause either of two effects to occur if the recipient opened or
previewed it. In the less serious case, the attacker
could cause the mail client to fail. If this happened, the recipient
could resume normal operation by restarting the mail
client and deleting the offending mail. In the more serious case, the
attacker could cause the mail client to run code of
their choice on the user's machine. Such code could take any desired
action, limited only by the permissions of the recipient
on the machine.

This vulnerability could only affect messages that are signed using
S/MIME and sent to an Outlook Express user. Users of
Microsoft Outlook products are not affected by this vulnerability.

Maximum Severity Rating: Critical

Affected Software:

Microsoft Outlook Express 6.0
Microsoft Outlook Express 5.5
Notes:
The fix for this issue was included in Windows XP Service Pack 1, and in Internet Explorer 6.0 Service Pack 1.
Microsoft Outlook is a different product than Microsoft Outlook Express, and is not affected by the vulnerabili... Read more

Read other answers
RELEVANCY SCORE 70.4

Who should read this bulletin:

Customers using Microsoft® Windows® 98, Windows Me, Windows NT® 4.0, Windows 2000, or Windows XP.

Impact of vulnerability: Attacker could gain control over user’s system.

Maximum Severity Rating: Critical

Recommendation: Customers should install the patch immediately.

Affected Software:

Microsoft Windows 98
Microsoft Windows 98 Second Edition
Microsoft Windows Millennium Edition
Microsoft Windows NT 4.0
Microsoft Windows NT 4.0, Terminal Server Edition
Microsoft Windows 2000
Microsoft Windows XP

Read about it <a href="http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS02-055.asp"> here</a>.
 

A:Critical Patch- Unchecked Buffer in Windows

Read other 7 answers
RELEVANCY SCORE 70

An application failed to D/L .Net Framework Version upgrade from MS, apparently because the Server did not specify content length.

Does anyone have any idea how I can fix this ?

I recently installed Firefox and re-installed my OS, I am sure it needs updates but I would like to proceed, I have been having problems updating.

Read other answers
RELEVANCY SCORE 69.6

Hiya

SMB (Server Message Block) is the protocol Microsoft uses to share
files, printers, serial ports, and also to communicate between
computers using named pipes and mail slots. In a networked
environment, servers make file systems and resources available to
clients. Clients make SMB requests for resources and servers make
SMB responses in what described as a client server, request-
response protocol.

By sending a specially crafted packet request, an attacker can mount
a denial of service attack on the target server machine and crash
the system. The attacker could use both a user account and anonymous
access to accomplish this. Though not confirmed, it may be possible
to execute arbitrary code.

Affected Software:

Microsoft Windows NT 4.0 Workstation
Microsoft Windows NT 4.0 Server
Microsoft Windows NT 4.0 Server, Terminal Server Edition
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server
Microsoft Windows 2000 Advanced Server
Windows XP Professional
Maximum Severity Rating: Moderate

Download locations for this patch

Microsoft Windows NT 4.0:

http://www.microsoft.com/downloads/Release.asp?ReleaseID=41493
Microsoft Windows NT 4.0 Terminal Server Edition:

http://www.microsoft.com/downloads/Release.asp?ReleaseID=41519

Microsoft Windows 2000:

http://www.microsoft.com/downloads/Release.asp?ReleaseID=41468

Microsoft Windows XP:

http://www.microsoft.com/downloads/Release.asp?ReleaseID=41524
Microsoft Windows XP 64 bit Editio... Read more

A:Unchecked Buffer in Network Share Provider Vulnerability: Aug 22

Thanks for the heads up Eddie. One for System and Network admins to get to grips with ASAP.
 

Read other 1 answers
RELEVANCY SCORE 69.6

Hiya

With Microsoft Access Snapshot Viewer, you can distribute a snapshot
of a Microsoft Access database that allows the snapshot to be viewed
without having Access installed. For example, a customer may want to
send a supplier an invoice that is generated by using an Access
database. With Microsoft Access Snapshot Viewer, the customer can
package the database so that the supplier can view it and print it
without having Access installed.

The Microsoft Access Snapshot Viewer is available with all versions
of Access - though it is not installed by default - and is also
available as a separate stand-alone. The Snapshot Viewer is
implemented by using an ActiveX control.

A vulnerability exists because of a flaw in the way that Snapshot
Viewer validates parameters. Because the parameters are not correctly
checked, a buffer overrun can occur, which could allow an attacker to
execute the code of their choice in the security context of the
logged-on user.

For an attack to be successful, an attacker would have to persuade a
user to visit a malicious Web site that is under the attacker's
control.
Maximum Severity Rating: Moderate

Affected Software:

Microsoft Access 97
Microsoft Access 2000
Microsoft Access 2002
Download locations for this patch

Access 2002:

http://microsoft.com/downloads/deta...63-1BBE-4009-9DF8-52D3A916D54F&displaylang=en

(administrative update only)

http://microsoft.com/office/ork/xp/journ/snpv1001a.htm

Access 2000:

http:... Read more

Read other answers
RELEVANCY SCORE 69.6

Hiya

This is networking of a sort, I think.

ISS X-Force is aware of a serious vulnerability that may allow remote
attackers to launch Denial of Service (DoS) attacks against, or
compromise Microsoft Internet Information Server (IIS) installations.
This vulnerability exists in the Visual Studio Remote Application
Deployment (RAD) component of FrontPage Server Extensions

http://xforce.iss.net/alerts/advise85.php

Regards

eddie
 

Read other answers
RELEVANCY SCORE 69.2

I'm asking this on behalf of a friend of mine that has this problem. He recently downloaded several IE security updates, after which he had trouble getting online. When he checked his connection settings, he noticed the "Use Proxy Server" checkbox for his dialup connection was checked. Unchecking it allowed him on the net.

But here's the problem. The next time he reboots, the "Use Proxy Server" checkbox get's rechecked automatically. He has to uncheck after every reboot. Why is it not saving this setting?

-=Zzed=-
 

A:"Use Proxy Server" box won't stay unchecked

Read other 10 answers
RELEVANCY SCORE 69.2

Hiya

The Microsoft Locator service is a name service that maps logical
names to network-specific names. It ships with Windows NT 4.0,
Windows 2000, and Windows XP. By default, the Locator service is
enabled only on Windows 2000 domain controllers and Windows NT 4.0
domain controllers; it is not enabled on Windows NT 4.0 workstations
or member servers, Windows 2000 workstations or member servers,
or Windows XP.

A security vulnerability results from an unchecked buffer in the
Locator service. By sending a specially malformed request to the
Locator service, an attacker could cause the Locator service to
fail, or to run code of the attacker's choice on the system.

Mitigating Factors:
====================
- The Locator service is not enabled by default on any affected
versions of Windows with the exception of Windows 2000 domain
controllers and Windows NT 4.0 domain controllers.

- A properly-configured firewall would block the calls to the
Locator service, which would protect an affected machine from
an Internet-based attack.
Maximum Severity Rating: Critical

Affected Software:

Microsoft Windows NT 4.0
Microsoft Windows NT 4.0, Terminal Server Edition
Microsoft Windows 2000
Microsoft Windows XP
Download locations for this patch

Windows NT 4.0:

All except Japanese NEC and Chinese - Hong Kong

Japanese NEC

Chinese - Hong Kong

Windows NT 4.0, Terminal Server Edition:
ALL

Windows 2000:

All except Japanese NEC

Japanese NEC

Windows XP:

32... Read more

Read other answers
RELEVANCY SCORE 69.2

Hiya

The Windows Redirector is used by a Windows client to access files,
whether local or remote, regardless of the underlying network
protocols in use. For example, the "Add a Network Place" Wizard or
the NET USE command can be used to map a network share as a local
drive, and the Windows Redirector will handle the routing of
information to and from the network share.

A security vulnerability exists in the implementation of the
Windows Redirector on Windows XP because an unchecked buffer is
used to receive parameter information. By providing malformed data
to the Windows Redirector, an attacker could cause the system to
fail, or if the data was crafted in a particular way, could run
code of the attacker's choice.
Maximum Severity Rating: Important

Affected Software:

Microsoft Windows XP

Download locations for this patch

Windows XP:
32-bit Edition

64-bit Edition

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms03-005.asp

Regards

eddie
 

Read other answers
RELEVANCY SCORE 69.2

Hiya

This is an update to a patch from June, but cannot find the thread anywhere here. Not by me, anyway

On June 12, 2002, Microsoft released the original version of this
bulletin. On July 2, 2002, the bulletin was updated to reflect the
availability of a revised patch. Although the original patch
completely eliminated the vulnerability, it had the side effect of
preventing non-administrative users from making VPN connections in
some cases. The revised patch correctly handles VPN connections.
The revised patch is immediately available from the Download Center
and will be soon made available via WindowsUpdate.

Issue:
======
The Remote Access Service (RAS) provides dial-up connections between
computers and networks over phone lines. RAS is delivered as a native
system service in Windows NT 4.0, Windows 2000 and Windows XP, and
also is included in a separately downloadable Routing and Remote
Access Server (RRAS) for Windows NT 4.0. All of these implementations
include a RAS phonebook, which is used to store information about
telephone numbers, security, and network settings used to dial-up
remote systems.

A flaw exists in the RAS phonebook implementation: a phonebook value
is not properly checked, and is susceptible to a buffer overrun. The
overrun could be exploited for either of two purposes: causing a
system failure, or running code on the system with LocalSystem
privileges. If an attacker were able to log onto an affected server
and modify a phonebook e... Read more

Read other answers
RELEVANCY SCORE 68.4

Hello,

I am a newbie over here. I am planning to subscribe Safesquid-Content Filtering Internet Proxy Server for my enterprise. Have any one of you use this software before? Any feedback will be appreciated.

Thanks,
David

A:Safesquid-Content Filtering Proxy Server

Sorry, I dont have any experience with it

Read other 2 answers
RELEVANCY SCORE 68.4

I am dated on things HTPC/Home-Entertainment and need a puzzle piece:
What is the right way to pull content off the web [say PBS documentaries from their site] and make available to all the HDTV's connected by ethernet and COAX to household fabric? Presumably the same network & server setup would stream stored movies, home vid, etc to any of the HDTV's.

Digging the web, I see a lot of tutorials, ideas, devices to do the reverse: stream all things to ipads/droids/pc/mac but not easily seeing what I describe.

pls help me get up the curve!

A:Streaming web content from one 'server' to Multi-HDTV

As long as the HDTVs support DLNA:
How to Turn Your Computer Into a DLNA Media Server

Many routers also have DLNA servers built into them and will stream media files from USB hard drives connected to them.

I have a Network Attached Storage (NAS) that has all my movies and TV Shows stored on it. It also has a DLNA server built in, but I use Kodi on my main HTPC which doesn't use DLNA to connect to the stored media - it does it's own, much nicer, interface.
My NAS:
D-Link Products - DNS-325 - ShareCenter 2-Bay Network Storage Enclosure, (2) 3.5" Bays, SATA, RAID 0/1, Gigabit Ethernet Port, USB Print Server, w/ Streaming Applications and Add-On Application support

Kodi (which also has a DLNA server built in):
Kodi | Open Source Home Theater Software

As stated in the article, Plex is very popular:
https://plex.tv/

The advantage of a router or NAS with DLNA built in is that you don't have to keep a server PC running. The disadvantage is that DLNA really only supplies folder/file structure and does not provide media descriptions/plots.

Read other 1 answers
RELEVANCY SCORE 68.4

I am dated on things HTPC/Home-Entertainment and need a puzzle piece:
What is the right way to pull content off the web [say PBS documentaries from their site] and make available to all the HDTV's connected by ethernet and COAX to household fabric? Presumably the same network & server setup would stream stored movies, home vid, etc to any of the HDTV's.

Digging the web, I see a lot of tutorials, ideas, devices to do the reverse: stream all things to ipads/droids/pc/mac but not easily seeing what I describe.

pls help me get up the curve!

A:Streaming web content from one 'server' to Multi-HDTV

As long as the HDTVs support DLNA:
How to Turn Your Computer Into a DLNA Media Server

Many routers also have DLNA servers built into them and will stream media files from USB hard drives connected to them.

I have a Network Attached Storage (NAS) that has all my movies and TV Shows stored on it. It also has a DLNA server built in, but I use Kodi on my main HTPC which doesn't use DLNA to connect to the stored media - it does it's own, much nicer, interface.
My NAS:
D-Link Products - DNS-325 - ShareCenter 2-Bay Network Storage Enclosure, (2) 3.5" Bays, SATA, RAID 0/1, Gigabit Ethernet Port, USB Print Server, w/ Streaming Applications and Add-On Application support

Kodi (which also has a DLNA server built in):
Kodi | Open Source Home Theater Software

As stated in the article, Plex is very popular:
https://plex.tv/

The advantage of a router or NAS with DLNA built in is that you don't have to keep a server PC running. The disadvantage is that DLNA really only supplies folder/file structure and does not provide media descriptions/plots.

Read other answers
RELEVANCY SCORE 68.4

Hello,

I am a newbie over here. I am planning to subscribe Safesquid-Content Filtering Internet Proxy Server for my enterprise. Have any one of you use this software before? Any feedback will be appreciated.

Thanks,
David
 

A:Safesquid-Content Filtering Proxy Server

Hi,
Stop posting the same question on all the forums on the web.
If this is so important to you, check them out at http://www.safesquid.com
It's got the best documentation on proxy s'ware, I have seen so far.
If that ain't enuff go to their Forum at http://www.safesquid.com/forum
But stop hounding the net for the same question.
It sounds like they fooled you or something.
If you don't stop soon enough, I'll tell your mama.
_________
malfunction
 

Read other 1 answers
RELEVANCY SCORE 68

I like to view music videos on a site called Launch.com. I have a high-speed cable connection (advertised at 500 kbs). Lately, when I try to view videos at the highest speed available (the site lets you stream at various speeds), there are pauses in the video, no video at all and sometimes breaks and pauses in the audio as well. Here are my questions:

Are there problems with Launch.com? Is their server gagging trying to keep up with the traffic? (remember--this used to work just fine until a month or two ago).

Is there something I can change in IE6.0 to change the buffering (or is it cache) for streaming? If so, how?
 

A:Streaming Content - Slow Server or Browser Setting??

You've got something choking back your system...Something interfering.

Have you updated your virus scanner & ran it lately?

Also have you scanned for spyware?

I recommend highly scanning at Housecalls. Its online, free & efficient.... For Virus, Worms & Trojans
Click Here!

and for spyware I recommend Ad-Aware.
Click here!

Please do these things & make sure they are taken care of before we go any farther.
Savvy
 

Read other 2 answers
RELEVANCY SCORE 68

Hello,

I am experiencing an error in relation to my lock screen. I have my lock screen set up to display a slideshow instead of turning off the monitor. Intermittently, upon returning to my computer and clicking the mouse I receive an error that states the lock screen content server has stopped working and needs to close. Upon acknowledging the error by clicking ok or whatever the button says the error goes away and all appears to be well. This issue doesn't appear to actually effect the slideshow. For me this is mostly just an annoyance but it is something I would like to solve. Upon reviewing my event log I can identify two potentially related errors. One is with LockScreenContentServer.exe and the other is with LogonUI.exe. Both appear to have a common denominator with nvwgf2umx.dll. I have a GTX 670 installed, running the Nvidia 340.52 drivers, which are the current WHQL drivers. I have windows 8.1 64 installed as well as all current windows updates. I also have Classic Shell installed. Currently my lock screen is set to not require a password to log back in. This error has occurred with a password required as well. I also only have a local account established instead of linking to a Microsoft account.

Below you will find the information from my event viewer:
- System

- Provider

[ Name] Application Error

- EventID 1000

[ Qualifiers] 0

Level 2

Task 100

Keywords 0x80000000000000

- TimeCreated

[ SystemTime] ... Read more

A:lock screen content server has stopped working

Added a screenshot of the error message.

Read other 15 answers
RELEVANCY SCORE 67.6

Hiya

This is the Microsoft Windows XP Embedded component update to address Microsoft Security Bulletin MS01-059: Unchecked Buffer in Universal Plug and Play can lead to System Compromise (Q315000).

For more information, please see Knowledge Base Article Q315000.

YOU MAY NOT PROVIDE THIS UPDATE OR THE LOCATION (URL) OF THIS UPDATE TO ANY THIRD PARTIES.

System Requirements
Supported Operating Systems: Windows 2000, Windows XP
Requires the English Version of Windows XP Embedded. See the Windows XP Embedded System Requirements for details.

http://www.microsoft.com/downloads/...ce-0d3a-4906-990e-2d058f107173&DisplayLang=en

Regards

eddie
 

Read other answers
RELEVANCY SCORE 67.6

Hiya

I couldn't think in which forum to post this but as this is the Games and other applications, I hope this is okay. Iff not, please move to the right place. Thanks

Microsoft has released a patch that eliminates a security vulnerability in Microsoft® Windows Media™ Player 6.4, 7, and 7.1. This vulnerability could potentially enable a malicious user to cause code of his choice to run on another user’s computer

http://www.microsoft.com/Downloads/release.asp?ReleaseID=31459

Regards

eddie
 

Read other answers
RELEVANCY SCORE 67.6

How do I give a user on a Windows Server 2000 Domain the access to change the Power Settings for the Monitor turning off, Hard drive shutting down and so on? Right now I get access denied on all systems including the server logged on as the user OR the Administrator. Is it in a group policy on the Domain or a local policy on the stations? If so where? Active directory and DHCP are both installed and active
 

A:Win 2K Server Power Management

This might help
http://www.terranovum.com/docs/energystar/WindowsPMWhitePaper-v4rev{2}.pdf
 

Read other 2 answers
RELEVANCY SCORE 67.6

Good morning to you all,

I've bought a new HP notebook with Windows Vista business edition and I have faced a problem, which is not exactly critical but it will be good if I can fix it.

Here is the situation. We have running active directory over a Server 2003. I'm a domain member and I'd joined the notebook onto the domain. The first two months everything was just fine, but since the past week, when I try to log on Vista says the following :
You cannot log on, because the Credential Management Server doesn't work properly or it is not installed on the target server. (this is not the exact text but it is with the same meaning).

After that I need to click on the log on Wizard button and I to mark the 'Do not use Credential Management Server' option.

What I need is to turn off this Credential Management, because on the domain controler there is no CMS installed and this is just freaking me out. Can someone help me with this?
I have read some articles but I couldn't find anything useful about my problem.

Thanks in advance
Meto
 

A:Credentials management server?

I'm having the same problem on two laptops for my company and would appreciate any info from someone smarter than I am because I'm lost.
 

Read other 2 answers
RELEVANCY SCORE 67.2

Hi!

So I have this little question (out of curiosity) what UTF "version" uses Å Ä Ö and how (if it's possible) can it be enabled on a telnet server?


thx
 

A:What UTF is and how to use/enable it on telnet server?

UTF are character encodings, eg: utf-8 character set

just google UTF for it
 

Read other 2 answers
RELEVANCY SCORE 67.2

I am running a Media Server via my Cisco Linksys E3000 router using an attached USB hard drive. This device uses PVConnect UPnP. When I connect to this Media Server using my Sony Bravia KDL40Z5100, only the photos with resolution less than 720 are available. Similarly, folders containing only jpegs of higher resolution return "There are no items to display". However, when I use Windows Media Player to connect to this UPnP, I can see and access all my jpg photos of any resolution, so I know the media server is working fine.
Anyone have any ideas?
 

A:Sony Bravia Media Server problems with large content

I'm having the same issue with my Bravia KDL-46EX701 TV and E3000. Based on the following post regarding a similar issue with an HP server using PVConnect UPnP, the problem appears to be in the router firmware:

http://forum.wegotserved.com/index.php/topic/12318-no-media-showing-on-sony-tv/

PVConnect is now Twonky. A Google search shows that issues have existed between Twonky servers and Sony TV's.
 

Read other 1 answers
RELEVANCY SCORE 67.2

Hi;
I am having the KMS Server with Server 2012 KMS Key,which is hosted on Windows server 2012 R2.

We need to update the KMS Server 2K12 Key to 2K16 KMS Key, Is there any way to Get the detail that the key will activate these OS Versions?

MBAM Report Feature Error Alert

Read other answers
RELEVANCY SCORE 66.8

Hi,

I've been told I need to have a static ip address to perform some odbc data management on some tables in a database. Cleaning up records and so forth. I cannot notify the application on the fly what my ip is (dynamically allocated)

I know I have to have a SSH connection, rather than getting a real static IP address can I do port forwarding and set my own up, or use on eof the dynamic dns Services.

Appreciate the advice.

Thanks,

Malcolm
 

Read other answers
RELEVANCY SCORE 66.8

I've got a 2003 SBS Installation and I was cleaning up the start menu, and accidentally removed "Server Management" from the list.. it's nowhere to be found.

How do I get it back? any special mmc command I can type into command line?/run?

Thanks
 

A:How do I get Server Management Console back?

http://msmvps.com/blogs/bradley/archive/2003/11/12/686.aspx
 

Read other 1 answers
RELEVANCY SCORE 66.8

I saw Microsoft posted SQL Server 2005 SP2. I downloaded this and installed it. As far as I can tell, the server is running fine as a service. However, each time I open SQL Server Management Studio Express edition, it crashes.

Does anybody know of a solution? I have a license for SQL Server 2005 Standard Edition. I'm very bummed I was 'pushed back' to Express edition.

Thanks.

Aaron

Read other answers