Over 1 million tech questions and answers.

Windows Client Server Run-time Vulnerability

Q: Windows Client Server Run-time Vulnerability

The Microsoft Blog notes that they are tracking a Proof of Concept exploit. It targets the Client Server Run-Time Subsystem. The blog states that initial indications are that you need to be authenticated before you can take advantage of it. It affects Windows 2000 SP4, Windows Server 2003 SP1, Windows XP SP1, Windows XP SP2 and Windows Vista.http://isc.sans.org/diary.php?storyid=1965...The vulnerability is caused due to a double-free error in the handling of HardError messages within WINSRV.DLL...http://secunia.com/advisories/23448/

Read other answers
RELEVANCY SCORE 200
Preferred Solution: Windows Client Server Run-time Vulnerability

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

RELEVANCY SCORE 70.8

i have the server with windows 2003 SP1 and i executed replication active directory, domain controller on the new server, as i have two servers. all expect one client computer work ok.onthe problematically computer is with the windows me.
problem is:
when i shut down old server,the computer with win me drop out from domain and he don't see new server.when i power on old server the client computer work ok.i deinstalled the win me on this computer and i installed to him win xp pro but problem is same. this computer don't see new server and he don't see others client computers in network.
what i do?
i tryed to make new user account but nothing i can't because of this computer don't see new server.
on client computer light green indicator on network adapter (Realtek 8139d) all the time.
i use commands: ping with the ip address of server, with the name of server nothing, ipconfig /release, ipconfig /renew, ipconfig /flushdns, ipconfig /registerdns.

ip address of old server is 192.168.0.100 and new server 192.168.0.101.
maybe problem is when i type ipconfig in dosprompt on new server
i receive: DNS server 192.168.0.100 and DHCP 192.168.0.100

plz help me thanks
 

Read other answers
RELEVANCY SCORE 70

I have 6 computers in a workgroup that need to be synchronized to a workgroup server.  The server is a virtual Win 7 running on a Windows 10 host.  Neither the server or client computers have internet access.  I started the process by configuring
the host to use its CMOS clock as its time source, which seems to have worked. The client computers are not virtual and can communicate with the Win 10 host as I am able to RDP to the host from the clients.  I made the following registry key changes to
get that accomplished.
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\W32Time\Config]
"AnnounceFlags"=dword:00000005

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\W32Time\Parameters]
"Type"="NoSync"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\W32Time\TimeProviders\NtpClient]
"Enabled"=dword:00000000

"SpecialPollTimeRemaining"=hex(7):00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\W32Time\TimeProviders\NtpServer]
"Enabled"=dword:00000001

<-------End of REG file------->

After applying these changes, I ran the following 'w32tm /config /update /syncfromflags: NO 
I get a message that the command is successful.
These changes are based on the following post:
https://social.technet.microsoft.com/Forums/office/en-US/04865e36-d43d-4167-a07d-9f28fd4f22fa/how-do-you-configure-windows-time-synchronizati... Read more

Read other answers
RELEVANCY SCORE 66.8

Hi;
I am having the KMS Server with Server 2012 KMS Key,which is hosted on Windows server 2012 R2.

We need to update the KMS Server 2K12 Key to 2K16 KMS Key, Is there any way to Get the detail that the key will activate these OS Versions?

MBAM Report Feature Error Alert

Read other answers
RELEVANCY SCORE 66

My organisation has 3 Windows 2003 servers (domain, mail, application). We are having very slow response time between server and client PCs in regards to opening/downloading/saving files from the server and working on software from client PCs that needs to communicate with the server. I am not sure if this was a problem from the day the servers were installed as i was not working here, but it is possible. The PCs are not the issue here as we tried it with different PCs across the years.

Thus i have the following two questions:

1. Could this be helped by increasing the download and upload speed of our connection? we currently have 8mbps download and 1mbps upload speed (this is for each server/pc). We are thinking of increasing it to 10mbps/10mbps and i was wondering if its worth it.

2. What might be the reason for the above problem?

thanks in advance
 

Read other answers
RELEVANCY SCORE 66

Hi,

I work at a tiny school which has no IT support. After a power cut, students are unable to log in to their individual users due to time being out of sync with server. I don't have info on local login info for these computers. Running XP. I can log in to server computer. Please help!
 

A:Client cant log in due to server time sync error HELP!

So the server date and time are correct? Are all computers affected or only one? How do you have the server password but not the local admin account for the workstations? There must be an IT department or IT contractor/firm somewhere for the school that you can contact for the credentials or for assistance.
 

Read other 3 answers
RELEVANCY SCORE 62.8

Microsoft is investigating new public reports of a limited attack exploiting a vulnerability in the Domain Name System (DNS) Server Service in Microsoft Windows 2000 Server Service Pack 4, Windows Server 2003 Service Pack 1, and Windows Server 2003 Service Pack 2. Microsoft Windows 2000 Professional Service Pack 4, Windows XP Service Pack 2, and Windows Vista are not affected... http://www.microsoft.com/technet/security/...ory/935964.mspxhttp://isc.sans.org/diary.html?storyid=2627

A:Vulnerability In Rpc On Windows Dns Server

More info on the Windows DNS RPC interface vulnerabilityhttp://isc.sans.org/diary.html?storyid=2633

Read other 2 answers
RELEVANCY SCORE 61.6

Hi,
I would like to know how to configure a Windows Server that will host a windows Diskless Client, I've read a lot of forums and blogs regarding this subject and I even tried to applied those summarized guide but until now I'm still stuck, and I hope someone
in this forum can help me or give me a detailed guide to this particular subject. I would really appreciate whatever suggestion or support that may give to me. 

Thank you,

Read other answers
RELEVANCY SCORE 59.2

My company has a Windows 2012r2 server that does not have IIS installed.  However, in a recent vulnerability scan the Options Method Enabled security vulnerability was detected.  I performed a scan using nmap and discovered the following:
PORT      STATE    SERVICE
21/tcp    filtered ftp
135/tcp   open     msrpc
139/tcp   open     netbios-ssn
445/tcp   open     microsoft-ds
3389/tcp  open     ms-wbt-server
8080/tcp  open     http-proxy
| http-methods:
|   Supported Methods: GET HEAD POST PUT DELETE OPTIONS
|_  Potentially risky methods: PUT DELETE
8443/tcp  open     https-alt
| http-methods:
|   Supported Methods: GET HEAD POST PUT DELETE OPTIONS
|_  Potentially risky methods: PUT DELETE
8800/tcp  open     sunwebadmin
9091/tcp  open     xmltec-xmlmail
49152/tcp open     unknown
49153/tcp open     unknown
49154/tcp open     unknown
49155/tcp open     unknown
49156/tcp open     unknown
49175/tcp open     unknown
So, the question is:  Since this server does not have IIS Manager, how do I disable the risky methods?

Read other answers
RELEVANCY SCORE 59.2

Hi ,

As we know about the Spectre and meltdown Vulnerability, to mitigate these Vulnerability we need to apply the Windows OS patches.
i didn`t found any KB update released for the Server 2012, can anyone suggest when this will be released or share KB no if it already released.
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002

Shailendra Dev

Read other answers
RELEVANCY SCORE 58.4

Hiya
This is a spoofing vulnerability that exists in the affected products and that could enable an attacker to spoof trusted Internet content. Users could believe they are accessing trusted Internet content when in reality they are accessing malicious Internet content, for example a malicious Web site. However, an attacker would first have to persuade a user to visit the attacker’s site to attempt to exploit this vulnerability.
Affected Software:

• Microsoft Proxy Server 2.0 Service Pack 1
• Microsoft Internet Security and Acceleration Server 2000 Service Pack 1 and Microsoft Internet Security and Acceleration Server 2000 Service Pack 2

Note The following software programs include Microsoft Internet Security and Acceleration Server 2000 (ISA Server 2000). Customers using these software programs should install the provided ISA Server 2000 security update.

• Microsoft Small Business Server 2000

• Microsoft Small Business Server 2003 Premium Edition

http://www.microsoft.com/technet/security/bulletin/ms04-039.mspx

eddie
 

Read other answers
RELEVANCY SCORE 58

Hiya

Sticking this one for a week as well here, as its in Security anyone, in case others miss it

An attacker who successfully exploited this information disclosure vulnerability could remotely read the session variables for users who have open connections to a malicious telnet server.
Affected Software:

• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
• Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition
• Microsoft Windows Services for UNIX 3.5 when running on Windows 2000
• Microsoft Windows Services for UNIX 3.0 when running on Windows 2000
• Microsoft Windows Services for UNIX 2.2 when running on Windows 2000

http://www.microsoft.com/technet/security/Bulletin/MS05-033.mspx

Regards

eddie
 

A:Vulnerability in Telnet Client Could Allow Information Disclosure (896428)

unsticking now
 

Read other 2 answers
RELEVANCY SCORE 57.2

I have 6 computers in a workgroup that need to be synchronized to a workgroup server.  The server is a virtual Win 7 running on a Windows 10 host.  Neither the server or client computers have internet access.  I started the process by configuring
the host to use its CMOS clock as its time source, which seems to have worked. The client computers are not virtual and can communicate with the Win 10 host as I am able to RDP to the host from the clients.  I made the following registry key changes to
get that accomplished.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\W32Time\Config]
"AnnounceFlags"=dword:00000005

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\W32Time\Parameters]
"Type"="NoSync"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\W32Time\TimeProviders\NtpClient]
"Enabled"=dword:00000000

"SpecialPollTimeRemaining"=hex(7):00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\W32Time\TimeProviders\NtpServer]
"Enabled"=dword:00000001

<-------End of REG file------->
After applying these changes, I ran the following 'w32tm /config /update /syncfromflags: NO 

I get a message that the command is successful.

These changes are based on the following post:

https://social.technet.microsoft.com/Forums/office/en-US/04865e36-d43d-4167-a07d-9f28fd4f22fa/how-do-you-configure-windows-time-synchro... Read more

Read other answers
RELEVANCY SCORE 54.8

Hello ,
Im trying to setup a VPN connection and got error 919 , and 629..
I have windows server 2008 R2 configured as VPN server and the client is on Win 7 Ult PC.
- The server is connected to the internet via Wireless LAN only.. I have a netgear wireless modem/router...
- I enabled RRAS on the server and created a user and on the AD I Allow Access in the dial in Tab.
- I created a new VPN connection on the client PC (WIN 7 ) and in the address I put the IP of the server and then the user name and password .then when I connect I got the error 919 and tried again with error 629.
- I can ping the server and the server can ping the client. Im trying on internal network.
- I enabled the REQUEST TO PING ON WAN in the netgear
- The firewall is OFF on both server and client , but still cant connect.....!!
Thanks in Advace for help and if any specific info needed please let me know.
Regards

A:VPN ERROR 919 and 629 . WINDOWS SERVER 2008 R2 & WIN 7 CLIENT

Please see the following blog.
Troubleshooting Vista VPN problems - Routing and Remote Access Blog - Site Home - TechNet Blogs 
For error 919, the suggestion is:
Configure your server to allow clients to connect with MS-CHAPv2 as the authentication method. Update your VPN client connection settings to use MSCHAPv2 as the authentication method.
If you have a third-party VPN server which does not support MS-CHAPv2 as an authentication method and supports only MS-CHAPv1, you will need to use either CHAP or PAP to connect from the Windows Vista VPN client until the server you use starts supporting
MS-CHAPv2.Please remember to click ?Mark as Answer? on the post that helps you, and to click ?Unmark as Answer? if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. ?

Read other 3 answers
RELEVANCY SCORE 54.8

Hi guys,good day to everybody, I'm just wondering if its possible to use windows 7 Ultimate as a Server for thin client? I'll be using nc600 as my client terminal. The box says it supports windows 7. Is there any additional software I need to install on windows 7 server machine before I can use the client terminal? Or are there any guidelines on how this would work?. This is intended to be used for a school project which pertains to "latest innovations" its a group work ^_^. Thanks...

A:Windows 7 Ultimate x64 as Thin Client Server?

anybody? ....

Read other 4 answers
RELEVANCY SCORE 54.8

Okay so far I've setup windows built-in VPN server (using this GUIDE), forwarded ports on my router to port 1723 to my computers local IP and enabled PPTP passthrough. Created 2 rules in windows firewall to allow both TCP 1723 and GRE 47. I've even turned windows firewall off to see if I could connect that way. Still nothing. My phone will say connecting for about a 50 seconds then disconnect. Contacted Motorola and they said that the router will forward GRE with PPTP passthrough enabled, thta its most likely a Windows issue. I'm using a Galaxy S4 and the router is a Motorola SBG6580. I'm totally lost. No errors or anything from android or Windows.

A:Windows 7 server to Android VPN client not connecting

Maybe the following link will help. Any questions let me know.

How to: Windows 7 incoming VPN from Android ? Damian's Blog

Read other 8 answers
RELEVANCY SCORE 54.8

Hi guys,

I created a VPN server using the Windows XP Pro network assistant. I would like to known, if anyone of you would know what registry key I need to edit to allow this VPN server to accept more than 1 simultanous connection.

If I create a VPN server using the network assistant in Windows Server 2003, by default it will allow multiple connections. But I do pocess a legal copy of Windows Server 2003, so I don't want to use it.

Since Windows Server 2003 use the same VPN server/client than Windows XP Pro, I presume this limitation is due to a registry entry. I would like to known which one it is so I could allow my Windows XP Pro to do the same.

Thanks in advance,
 

Read other answers
RELEVANCY SCORE 54.8

I was trying to sync Windows time with Internet timer Server. I was following this tutorial : Time Synchronization - Turn On or Off in Windows 8

For the first option, I couldn't couldn't find the necessary options.

For the second option, I've already set my settings right.
But, still my windows 8 time was showing wrong.

I had to change my BIOS time to make the necessary change to Windows time.

So, what happened here. Can windows 8 override BIOS time? or How can I set Windows time to Internet time server even if my BIOS time is wrong.

Thank you for your help.

A:Synchronize windows time with internet time server.

Yes the OS can override the BIOS time. It uses UTC to update. Check your time zone in Date & Time tab, to see if that is why your time is off.

Read other 4 answers
RELEVANCY SCORE 54.4

Hello everyone, I've looked around at other threads related to my issue, and I can't seem to find a correct answer.
I have a computer lab that I've recently installed a Windows 7 Enterprise image onto 35 Dell Optiplex computers (most are 380's, a few older 360's).
I created the image using MDT2010 and used one of the 380's as a reference.
All has been well for about a month or two but recently 6 computers are giving me Windows Update errors with the error code of 80080005.
I have a WSUS 3.0 SP2 server running, and all of my other computers seem to be getting their updates just fine.  WSUS has the problematic computers in it's database, but it shows that they haven't checked in for "x" days.
I have Avast 4.8 Professional installed, I have OpenDNS configured to block bad websites, ____, etc. and I also use an Untangle server to prevent access to bad websites.  I've ran a Malwarebytes' Anti-Malware scan on the affected computers, as well
as Windows Defender scan, and Windows Live OneCare scans, and all have found no malicious software.
I have also tried resetting the Windows update service as described here: http://support.microsoft.com/kb/971058 as well as a script that supposedly does the same thing, but also resets all previous
update events, but I can't find the script source right now (I had ran it last week, and it didn't work).
I'm currently running a SFC /Scannow on one of the computers, and now it has finished.  It gives the... Read more

A:Windows Update Error 80080005 Windows 7 Client with WSUS 3.0 SP2 server

Alright, I re-attempted to run the "SFC /scannow" command under a Administrator Command Prompt window, and got this error:
"SFC /scannow error message: Windows Resource Protection could not start the repair service"
I searched around a bit, and found a suggestion to check that the TrustedInstaller/Windows Module Installer is running.
When trying to start the Windows Module Installer, I get this error: 
 

Windows Modules Installer - Error 1450 Insufficient System Resources
What a fun problem this is turning out to be.  I'd like
to just re-image these computers, but I fear that it'll just happen again and I'm wondering why it's only a handful of computers that are affected, yet I have over 65 machines that were all installed from the same exact image.
 
I'll keep poking along trying to find something that fixes this darn issue.  If anybody comes up with any ideas, I'll gladly try them.  Thanks!
 
Just found this: http://social.technet.microsoft.com/Forums/en-US/w7itproui/thread/42e2a200-defe-4c6b-a1b3-606836dcfabb
and I'm trying the suggestion to set the registry limit size to "no limit" (setting hex value of 0xfffffff) to see if it works.  If it gets the sfc to run, it might fix my windows update issue as well.
I have ArcGIS installed on 25 of the lab machines, and according to the link that I posted above, others have experienced problems after installing the ArcGIS software.  ... Read more

Read other 11 answers
RELEVANCY SCORE 54.4

Hi All,
After patching the updates of an existing Windows 8.1pro Client, I'm unable to connect to shared folder of Windows 2003 Server...But, you can connect by typing the IP of the Server....Eg: \\192.168.1.2 but not by the Server name...eg: \\Tac-Server...
Please note that the Windows update went smoothly without any error and now it's showing no more windows update but directly upgrade to Windows 10.
Can you please help me to sort out this issue.
Thanks
Prabhath

Read other answers
RELEVANCY SCORE 54.4

I am able to add Windows 7, Windows 8, and Windows 8.1 clients without any issues. However, I receive an error stating the network path could not be found whenever I try to add the Windows 10 client. I have verified all settings, including authentication credentials, DNS settings, and IP settings. All devices have both IPv4 and IPv6. All clients were added from the same network using the same settings (DHCP with DNS set to the IPv4 and IPv6 servers).
 

Read other answers
RELEVANCY SCORE 54.4

Hi,

We have bound several Macs to the Microsoft AD domain. One of the reasons for doing this was to achieve a single sign-on environment. ie no need to reautenticate when connecting to one of the file servers etc.
The problem we have is that when we attempt to connect to the Win2003 fileserver using AFP we are still being prompted to reauthenticate wheras if we use SMB instead it connects staright away. We have noticed that the SMB connection works straight off as the Kerberos Domain Controller (KDC) issues the OSX user with a kerberos ticket which is viewable in the Kerberos.app on the Mac.
Does anybody have any ideas that may help with this ?
Thanks in advance
 

Read other answers
RELEVANCY SCORE 54.4

Okay let me give you all the facts up until about 6 months we ran hardcoded PC's across the board. We then got more and more laptops and are finding it easier to now run DHCP. One issue I have is we are running DHCP off a Cicso router and not off the Windows 2003 server. Also remember we have a bunch of subnets as each location is on its own vlan (while this does not matter the same problem is happening with the local LAN with the hosting servers).

I just now went into DNS and noticed that our records are not being updated within DNS. We had some records that are in our forward lookup zones that were 3 months old + that have no computername any longer even on the network. In the reverse lookup zones there is more of the same where we have multiple records with the same IP.

This is happening in both forward and reverse lookup zones and is on 2 different DNS servers. Now scavenging was set for the forward lokup zones for 7 days abut the reverse lookup zone was NOT enabled. We went ahead and enabled it and then I did a forced Scavenge Stale resource records on both servers at the same time.

This did part of what I wanted but did not fix the entire problem. In the forward lookup zones the A records that were stale are now gone (at least the main ones that caused me to notice the problem to begin with). In the reverse lookup zones there are still a TON of duplicates - PTR records for 2 different PC's on the same IP and PTR records for 1 PC on 2 different IP's

No... Read more

A:Windows 2003 DNS Server - Client Records not being deleted.

Hello Stumped!

I am having the same problem in my environment with my reverse lookup zones. I have duplicate PTR records and scavenging does not seem to be working for the reverse lookup zones. I am at the point now where I am considering deleting my reverse lookup zone and recreating. I just have to answer a few questions about how I am going to recreate the reverse lookup entries that were created from manual forward entries. I would hate to have to do that part manually.

At any rate, I believe I can at least speak to your question regarding a Cisco device being used for dynamic DNS.

You're Windows 2000/XP clients should register their forward lookup name themselves. The DHCP server registers the PTR records on the client&#8217;s behalf. The client has the option of requesting to update both records; however, it is only responsible for actually updating the forward lookup zone. The reverse lookup zone in a Microsoft scenario is always updated by the DHCP server.

I have not been able to determine that Cisco routers actually support dynamic DNS. I have seen some documentation for security appliances that make it possible (but I don't think they work with MS DNS)

As far as what I've found from Cisco, they sell a DNS/DHCP solution called Cisco Network Registrar which supports dynamic DNS. My suggestion would be to pick one solution or the other. (I have no experience with CNR and I have no idea what it costs)

http://www.cisco.com/en/US/products...ducts_... Read more

Read other 2 answers
RELEVANCY SCORE 54.4

I have to make a security tunnel between Linux(server) and Windows(client).

IS IS POSSIBLE TO CONNECT WINDOWS with LINUX USING ONLY IPsec ?


Tunnel will be using to remote administration Linux server.

Is any Windows Client IPsec for Windows ?
I don't want use pptp(unsecure) and l2tp(SLES 10 SP2 hasn't l2tp demon support), only ipsec

Have you any solution ?

Read other answers
RELEVANCY SCORE 54.4

I installed the 64bit version of the Windows Home Server v1 client on my Win8 PC last night and it installed just fine. The PC was backed up and the WHS console correctly shows the PC as "Win 8 Enterprise". I'll test the recovery functions this weekend and report back here. So far, so good!

A:Windows Home Server v1 client installed just fine...

It works! The attached screenshot shows the Win8 client added and backed up. I restored a file yesterday and everything worked perfectly!

Read other 5 answers
RELEVANCY SCORE 54

Hiya

SQL Server 7.0 and 2000 provide a number of functions that enable
database queries to generate text messages. In some cases, the
functions create a text message and store it in a variable; in
others, the functions directly display the message. Two
vulnerabilities associated with these functions have been discovered.

The first vulnerability results because of a flaw in the functions
themselves. Several of the functions don't adequately verify that the
requested text will fit into the buffer that's supplied to hold it. A
buffer overrun could occur as a result, and could be used either to
run code in the security context of the SQL Server service or to
cause the SQL Server service to fail. SQL Server can be configured to
run in various security contexts, and by default runs as a domain
user. The precise privileges the attacker could gain would depend on
the specific security context that the service runs in.

The second vulnerability results because of a format string
vulnerability in the C runtime functions that the SQL Server
functions call when installed on Windows NT(r) 4.0, Windows(r) 2000
or Windows XP. Although format string vulnerabilities often can be
exploited to run code of the attacker's choice, that is not true in
this case. Because of the specific way this vulnerability occurs, the
C Runtime code would always be overrun with the same values
regardless of the attacker's inputs. As a result, this vulnerability
could only be used as a denia... Read more

A:SQL Server Vulnerability : Dec 21

thanks
 

Read other 1 answers
RELEVANCY SCORE 54

Hiya

SQL Server 7.0 and 2000 provide for extended stored procedures,
which are external routines written in a programming language such
as C. These procedures appear to users as normal stored procedures
and are executed in the same way. SQL Server 7.0 and 2000 include
a number of extended stored procedures which are used for various
helper functions

Several of the Microsoft-provided extended stored procedures have
a flaw in common - namely, they fail to perform input validation
correctly, and are susceptible to buffer overruns as a result
exploiting the flaw could enable an attacker to either cause the
SQL Server service to fail, or to cause code to run in the security
context in which SQL Server is running. SQL Server can be
configured to run in various security contexts, and by default
runs as a domain user. The precise privileges the attacker could
gain would depend on the specific security context that the
service runs in.

An attacker could exploit this vulnerability in one of two ways.
Firstly, the attacker could attempt to load and execute a database
query that calls one of the affected functions. Secondly, if a
web-site or other database front-end were configured to access
and process arbitrary queries, it could be possible for the
attacker to provide inputs that would cause the query to call
one of the functions in question with the appropriate
malformed parameters.
Affected Software:

Microsoft SQL Server 7.0
Microsoft SQL Server 2000

Maximum Severity Rat... Read more

Read other answers
RELEVANCY SCORE 53.6

Hi All,

I am working as a system administrator in a gaming company around with 80 systems and 3 Linux systems (RHEL 5.0)..

The 80 systems are Windows Xp and server is Windows 2003 R2...These 80 systems are clients under this 2003 server..

But the three Linux systems are in workgroup..How can i add these three systems to Windows network..

As per my knowledge it is possible with WINBIND..

But tell me what are changes needed in Linux and as well as windows server 2003...

Please help me..

Thanks in Advance..
 

A:How can i Join RHEL 5.0 system to Windows server 2003 as a client

Please do not create multiple threads for the same problem.
Continue here: http://forums.techguy.org/unix-linux/786943-how-can-i-join-rhel.html
 

Read other 1 answers
RELEVANCY SCORE 53.6

Hi all,
I am currently helping my company prototype automated Windows installation via network. I am using Server 2008r2 and Windows Deployment Services with Windows 7 as the
OS being installed on the client computer. Everything works fine EXCEPT joining the client PC to the domain. DNS is configured correctly, client computer is already prestaged in Active Directory Computers as the user "Client1" with a password of
"password". I have posted my unattend xml file and the relevant section of the Panther/UnattendGC setupact.log and setuperr.log files. 
Setupact.log:
2017-06-29 09:25:04, Info                         [DJOIN.EXE] Unattended
Join: Begin
2017-06-29 09:25:04, Info                         [DJOIN.EXE] Unattended
Join: Loading input parameters...
2017-06-29 09:25:04, Info                         [DJOIN.EXE] Unattended
Join: AccountData = [NULL]
2017-06-29 09:25:04, Info                         [DJOIN.EXE] Unattended
Join: UnsecureJoin = [NULL]
2017-06-29 0... Read more

Read other answers
RELEVANCY SCORE 53.6

I've got about 40 Senor Point of Sale tablets running Windows 7. They work just fine, but are failing to take Windows Update for Service Pack 1 (KB97632). The POS software is soon going to need this update in order for it to continue working.

I've deleted the Windows Update cache (SoftwareDistribution >> SoftwareDistribution.old) and nothing changed.

I've downloaded the update .exe and after it ran, nothing changed.

Check for Windows Updates only shows the SP1 update when I click to search online for updates, for what it's worth.

After the update has failed, I get error code 800736b3.

Apparently the billion and two solutions other people have aren't solutions for me.

Please help me!

Thanks in advance.

Read other answers
RELEVANCY SCORE 53.6

I am running a Windows 2003 server with 2 NICS in my office. The internal LAN in the office is on 192.168.1.xxx, subnet mask 255.255.255.0.

The Second NIC installed for VPN has IP address: 192.168.1.95. I have configure RAS to work on the Second NIC. It uses DHCP to give out IP addresses to VPN clients in the 192.168.0.xxx range.

My home network and Vista client machine are on 192.168.15.xxx.

I can connect and register my Vista client machine on the network, but I cannot ping any of the computers, including the server, in the office network. I believe I have to set up some sort of a static route or a classless route, or something like that, so that the VPN client machine (192.168.0.xxx) can hop over to the office network (192.168.1.xxx).

Can anyone help?

By the way, I know that the router is passing the traffic correctly because if I set up RAS to distribute an address to the VPN client in the 192.168.1.xxx range using the existing NIC (not the second NIC in the server), everything works fine.
 

A:VPN Routing Problem-Windows 2003 Server/Vista Client

Bump
 

Read other 1 answers
RELEVANCY SCORE 53.6

I have been given a PC with Windows 7 Home Premium 64 bit
This was a client PC from a small old Windows Home Server 2011 system which has now been dismantled as the server PC failed.
My unit works fine but I cannot remove the irritating Server client items from it - Launchpad and Alert Services etc etc.
Have looked everywhere on the disk but cannot find any uninstall file anywhere.
All the relevant files seem to be in the ?Program Files?, ?Windows Server? , ?Bin? folder but nothing found there. No separate uninstalling prog will work either.
Have considered starting up the PC in Safe Mode, physically removing the Windows Server folder and contents then running a registry cleaner to tidy up the loose ends.
Am concerned that this might make the PC unstable so ask if anyone has any useful suggestions. For now I have worked through the Start Up process and inhibited the ones considered relevant. Also CCleaner has stopped the Launchpad.This has worked but would like to permanently remove the unwanted items.
Ted

A:Removal of Windows Home Server 2011 client software

No one has supplied any suggestions as to my programme removal so decided to risk it and do it myself as described.
Backed up whole HD plus registry, restarted in basic Safe Mode then physically removed all traces of WHS 2011 in file system.
Emptied Recycle Bin then restarted as normal.
No disasters occurred so used CCleaner and Advanced Uninstaller PRO. They mopped up the loose ends and everything seems to be fine now. Job done!
I suppose the same process could be used for most difficult to remove items.

Read other 1 answers
RELEVANCY SCORE 53.6

The Client Connect to Windows server 2012 Essentials not working for 1 PC on a network. It didn't work a year ago when I set up the domain and the other 8 PC's connected, but the HDD died so I did a fresh install in Window 7 Pro SP1 and put in all the updates
and tried to connect agian.
The error is that it can't find the server.
I've tried everything else I've seen on the forums, IP v4 only, DNS is only set to the Windows Domain server.

below is the log for the connect attempt, does anyone have any ideas?

10/24/2016 15:11:38  edc] wmain: Start of Computerconnector
[10/24/2016 15:11:38  edc] wmain: Calling Computerconnector::ShowWizard()
[10/24/2016 15:11:38  edc] CComputerconnector::ShowWizard: Initializing common controls
[10/24/2016 15:11:38  edc] CComputerconnector::ShowWizard: Done initializing common controls
[10/24/2016 15:11:38  edc] Displaying the wizard
[10/24/2016 15:11:38  edc] CComputerconnector::AnotherInstallationErrorDlgProc: IDD_ANOTHER_INSTALLATION_ERR Page Initialization
[10/24/2016 15:11:38 1054] CComputerconnector::Run: Installation is ready to run
[10/24/2016 15:11:38 1054] GlobalData::Initialize (192.168.1.151, , C:\Users\BPOWELL.JMS\Downloads\ComputerConnector(192.168.1.151).exe, 1033)
[10/24/2016 15:11:38 1054] ExpandEnvironmentStrings return (C:\Windows\Temp\Client Deployment Files\)
[10/24/2016 15:11:38 1054] CComputerconnector::Run: Running Task: Id=1 Description=Downloads the Setup.cab file
[10/2... Read more

Read other answers
RELEVANCY SCORE 53.2

Hi,

I am having an issue with offline files created offline syncing back to the server. I have set up a network share to be available offline on a client computer. All files are available offline without issue. Here is the issue however. If I set the folder to work offline any file I create in the folder when it is offline just disappears when the folder comes back online, there are no conflicts or sync failures reported in sync center. If I create a new folder offline the folder does sync back to the server. Any changes made to an existing file are also replicated back to the server once the share is back online. So the issue is only with newly created files when the share is offline. I have not been able to replicate this error on any other file server in our environment, However I have recreated the issue with multiple shares with multiple Win 7 clients on this file server.

Steps taken so far.

Checked and reset permission levels on the share.
Recreated new shares from scratch for testing.
Disabled and enabled offline files on the client computer and cleared the offline cache.
Check various registry entry settings.
Disabled cashing on the File server.
Tested with XP the issue does not exist with XP.

I have spent hours researching this error online to no avail.

The clients are running Windows 7 Enterprise 64 bit
The File server is Server 2003 Standard 32 bit with SP2

Any help or ideas would be most welcome.

A:Offline Folder sync issue, Win 7 Client Server 2003 Flie Server.

I've seen the complaints about this problem but with no clear resolution. There are some hot fixes listed that may help, updating to Windows 7 SP1 is supposed to help in some cases but nothing seems for certain.

No way for me to recreate this problem but apparently others have the same problem.

Offline created files disappear after re-connect

Browse by Tags - The troubleshooters and problem solvers... - Site Home - TechNet Blogs

Administratively assigned offline files on Win7 client disappear from server (Network Steve Forum)

The Group Policy settings in the next link may have an effect on this problem.

http://mcpmag.com/articles/2003/11/0...ine-files.aspx

Read other 3 answers
RELEVANCY SCORE 53.2

There is a process running on my computer called csrss.exe
 
I went to http://www.processlibrary.com and looked it up and came up with 2 different things. One says it is a Trojan and needs to be removed. The same exact process name also says it is Microsoft client server runtime server and SHOULD NOT be removed.
 
How I am supposed to tell the difference so I do not make a mistake by either leaving it alone or removing it???

A:Process: csrss.exe (trojan or Microsoft Client Server Runtime Server?)

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/561994 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

Read other 2 answers
RELEVANCY SCORE 52.8

Please help with the command to check the version of NTP configured on Windows server 2008 server...

Read other answers
RELEVANCY SCORE 52.8

Hiya

There is a remotely exploitable vulnerability in the way that Apache web servers (or other web servers based on their source code) handle data encoded in chunks. This vulnerability is present by default in configurations of Apache web server versions 1.2.2 and above, 1.3 through 1.3.24, and versions 2.0 through 2.0.36. The impact of this vulnerability is dependent upon the software version and the hardware platform the server is running on.

Systems Affected

Web servers based on Apache code versions 1.2.2 and above
Web servers based on Apache code versions 1.3 through 1.3.24
Web servers based on Apache code versions 2.0 through 2.0.36

http://www.cert.org/advisories/CA-2002-17.html

Regards

eddie
 

A:Apache web server Vulnerability: June 21

June 24, 2002: Added F5 Networks vendor statement.
June 24, 2002: Updated IBM vendor statement to include Websphere information.
June 24, 2002: Added Sun Microsystems Inc. vendor statement.
June 27, 2002: Added Nortel vendor statement.
June 27, 2002: Updated Unisphere vendor statement.
June 28, 2002: Added Alcatel vendor statement.
June 28, 2002: Added Apple vendor statement.
July 08, 2002: Added Cisco vendor statement.

http://www.cert.org/advisories/CA-2002-17.html

Regards

eddie
 

Read other 2 answers
RELEVANCY SCORE 52.8

Hiya

SQL Server 2000 introduces the ability to host multiple instances of
SQL Server on a single physical machine. Each instance operates for
all intents and purposes as though it was a separate server. However,
the multiple instances cannot all use the standard SQL Server session
port (TCP 1433). While the default instance listens on TCP port 1433,
named instances listen on any port assigned to them. The SQL Server
Resolution Service, which operates on UDP port 1434, provides a way
for clients to query for the appropriate network endpoints to use for
a particular SQL Server instance.

There are three security vulnerabilities here. The first two are
buffer overruns. By sending a carefully crafted packet to the
Resolution Service, an attacker could cause portions of system memory
(the heap in one case, the stack in the other) to be overwritten.
Overwriting it with random data would likely result in the failure of
the SQL Server service; overwriting it with carefully selected data
could allow the attacker to run code in the security context of the
SQL Server service.

The third vulnerability is a denial of service vulnerability. SQL
uses a keep-alive mechanism to distinguish between active and passive
instances. It is possible to create a keep-alive packet that, when
sent to the Resolution Service, will cause SQL Server 2000 to respond
with the same information. An attacker who created such a packet,
spoofed the source address so that it appeared to come from a one SQL
Serve... Read more

Read other answers
RELEVANCY SCORE 52.8

Microsoft warns of new server vulnerability.

A new, unpatched vulnerability exists in one of Microsoft's server products, the company warned late Monday.

Note: Read the technical bulletin link in the article to find out how to adjust configuration settings to mitigate the impact of the flaw.

-- Tom
 

Read other answers
RELEVANCY SCORE 52.8

Hi,
My friend and i at Univsersity have to create a Windows 2000 server and then make a computer using Windows 98 able to connect to it and access files in shared folders.
This is all done using software called VMWare, this prevents us using real computers do to the work, in the probably event we would break them.

The problem is we get stuck near the end of the documentation we are given.
When the user on the 98 machine tries to log in it just says invalid or unknown domain or it might even be password, im not sure at the minute, more likely to be domain as we set up the user accounts ourselfs.

The teacher asked us to try the ping command, to try to connect to each other.
My friend on the 98 machine could ping himself and my machine,
i could pinghost (my machine) but when i tried to ping the 98 machine it said request timed out.
This seemed odd as he could ping my machine but i could not ping his, the only thing i can think of about that is outbound connections have been blocked, but we have been told security is disabled as default on Win2000 servers.

Sorry about the large text file, it wont let me add RTF files on here, i tried to bold the part we are stuck on but it just changed the whole text of everything.
We are stuck on from :
7. Configure a Windows 98 Client
(its near the bottom of the file)

Any help would be appreciated.
 

Read other answers
RELEVANCY SCORE 52.4

Server has been great and online for about 7 months without issue.  Three times over the last two weeks, all clients' mapped drives just drop and Windows Explorer hangs...  I am not able to disconnect drives via command prompt, nor remap drives
via command prompt.  However, I can ping the server and remote desktop to the server perfectly.  No errors in logs on workstations or server.  Affects all workstations (60+ running Windows 7 Pro) simultaneously.  Client mappings to
other servers (Windows 2008 R2) running on the same switch are unaffected.  Reboot the 2012 server and you can reconnect to mapped drives by clicking on them in Windows Explorer.  Any ideas?

Read other answers
RELEVANCY SCORE 52.4

Hi I'm working on a client/server with the Java programming language and trying to figure out how to protect my server. With my current Virus/Firewall protection suite theres nothing I can do to keep out unwanted Java applications on the port I choose to allow the Java SE Binary through for clients accessing the server application. ESET Smart Security 4 is what I am using. Does anybody know of a security suite that would allow only a specific Java application to get through the firewall? I'm not to sure on this subject because my firewall is identifying any Java application as only the "Java SE Binary" and not I'm sure if you can even really name your Java application like you would something you would write in C++. Any information would be appreciated, thank you.
 

A:Java Server/Client + Server Firewall Safety

Read other 6 answers
RELEVANCY SCORE 52.4

A friend is moving his business, and the new business park that he's setting up shop in does not have anyway to get any wired internet to his building, excluding a T1 line, which he can't justify the cost of.

One windows 7 machine acts as the server, primarily for Quickbooks database, and there are two other windows 7 machines that are clients, reading off said database.

He's getting one of those usb dongles for wireless internet service, for the server only (the other two computers will be tethered to a smartphone for internet for QB and windows updates periodically).

They do NOT want to share the servers wireless connection to the other machines.

My only concern was if the server will continue to try to check the LAN for internet connectivity, or will it check both network connections when one fails, or is there a setting I can tell them to change to ensure it knows to go to the wireless dongle for internet all the time, without interfering with the workstations talking to the server over the LAN to get to the database?

The setup at the old office was business class DSL, they are using a relatively new Linksys router, which had the DSL authentication information.

Thank you!

A:LAN network for server/client only, USB hotspot for server internet.

I managed to find a solution this morning, for anyone that's interested, the whole article is here: Multiple Network Connections at the Same Time on Windows | Ivan Zlatev

But the short answer is, under the advanced properties of TCP/IP v4, uncheck automatic metric, set your internet to a value of 1, and the LAN to a value of 9999.

Read other 1 answers
RELEVANCY SCORE 52.4

was trying to network my computer to the server but keep getting the message 'server not responding from client computer' can anyone help please.
 

Read other answers
RELEVANCY SCORE 52.4

I'm looking at setting up windows 2003 terminal servers all over the place to replace the awful thing people are currently doing here - vncing servers with one small shared password among everyone <holding my hands over my ears for the backlash>. Don't blame me, it's another awful legacy I have to get rid of...

1. I've got to set up a Terminal Server Licensing server and was thinking about putting this on my second domain controller. I was wondering what would happen in this server dies, though. Is there some way of having resilience in this scenario? Perhaps a second Licensing server or something, the way you have 2 or more Domain Controllers?

2. Also, I know that Windows XP has an RDP client, I've used before on many occasions, but what about all the Windows 2000 clients that I still have out there. What should I do for them to access the new Terminal Servers?
 

A:Terminal Server license server(s)? RDP client for Windows2K?

I'm not 100% sure on #1, but I believe that the TS licensing becomes integrated into the AD, so if one DC goes down, the other one will be able to check licensing. On another note, if you are using the TS for administration only, I don't believe you needs the TS Licensing to be installed.

For #2, you can download the latest version of the RDP client from MS's website. It should also be available through Windows Updates, although I think Win2K isn't supported any longer, other than Critical Updates.
 

Read other 1 answers
RELEVANCY SCORE 52.4

Hiya

This patch eliminates two newly discovered vulnerabilities affecting
SQL Server 2000 and MSDE 2000:

- A buffer overrun vulnerability that occurs in several Database
Consistency Checkers (DBCCs) that ship as part of SQL Server 2000.
DBCCs are command console utilities that allow maintenance and
other operations to be performed on a SQL Server. While many of
these are executable only by sysadmin, some are executable by
members of the db_owner and db_ddladmin roles as well. In the most
serious case, exploiting this vulnerability would enable an
attacker to run code in the context of the SQL Server service,
thereby giving the attacker complete control over all databases
on the server.

- A SQL injection vulnerability that occurs in two stored
procedures used in database replication. One of these can only be
run by users who have been assigned the db_owner role; the other,
due to a permissions error, could be run by any user who could log
onto the server interactively. Exploiting the vulnerability could
enable an attacker to run operating system commands on the server,
but is subject to significant mitigating factors as discussed
below.

Maximum Severity Rating: Moderate

Affected Software:

Microsoft SQL Server 2000.
Microsoft Desktop Engine (MSDE) 2000
Download locations for this patch
SQL Server 2000:

http://support.microsoft.com/support/misc/kblookup.asp?id=Q316333

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulleti... Read more

Read other answers