Description

Download Security Update 1 Release Notes (PDF)

This security update can only be downloaded using the LiveUpdate feature of Symantec NetRecon 3.6.

The SU1 theme is a response to the Slammer Worm and MS*SQL Server vulnerabilities.

Symantec NetRecon 3.6 Security Update 1 is a content update for Symantec NetRecon 3.6 that introduces 10 new vulnerability checks. Symantec NetRecon now checks Microsoft SQL*Server 7.0 and Microsoft SQL*Server 2000 for several buffer overflow and denial of service vulnerabilities, including the recent W32.Slammer worm attack.

For more information on W32.SQLExp.Worm, please refer to http://securityresponse.symantec.com/avcenter/venc/data/w32.sqlexp.worm.html.

Security Update 1 also adds new functionality to Symantec NetRecon that lets users submit license key information using the command-line interface. These features are explained in the Security Update 1 Release Notes as well as in NetRecon's updated help files.

New Vulnerability Checks

• MSSQL Buffer Overflow vulnerable to W32.Slammer worm attack
  
  Symantec NetRecon can identify a problem with the Microsoft SQL*Server 2000 Resolution Service, which may make it possible for a remote user to execute arbitrary code on a vulnerable host. An attacker could exploit a stack-based overflow in the Resolution Service by sending a maliciously crafted UDP packet to port 1434. A vulnerable version of Microsoft SQL*Server 2000 Desktop Engine is automatically installed with Internet Explorer 6 on .NET servers.
  
  
• SQL*Server 7.0 Remote Data Source function contains unchecked buffers
  
  Symantec NetRecon can identify a buffer overflow in Microsoft SQL*Server 7.0 that may let remote attackers execute arbitrary code on the system or gain privileged access to the SQL database.
  
  
• SQL*Server 2000 Remote Data Source function contains unchecked buffers
  
  Symantec NetRecon can identify a buffer overflow in Microsoft SQL*Server 2000 that may let remote attackers execute arbitrary code on the system or gain privileged access to the SQL database.
  
  
• SQL 7.0 extended stored procedures vulnerable to buffer overflow and DoS
  Symantec NetRecon can identify Microsoft SQL*Server 7.0 extended stored procedures that fail to validate input correctly, which may allow buffer overflow attacks and denial of service (DoS) attacks.
  
  
• SQL 2000 extended stored procedures vulnerable to buffer overflow and DoS
  
  Symantec NetRecon can identify Microsoft SQL*Server 2000 extended stored procedures that fail to validate input correctly, which may allow buffer overflow attacks and denial of service (DoS) attacks.
  
  
• SQL 2000 password encryption procedure vulnerable to buffer overflow attacks
  
  Symantec NetRecon can identify a Microsoft SQL*Server 2000 credential encryption procedure that is vulnerable to a buffer overflow attack, which could compromise control of the database and possibly the server. The SQL 2000 Resolution Service may allow remote DoS or execution of arbitrary code.
  
  
• SQL 2000 Resolution Service allows remote DoS or execution of arbitrary code
  
  Symantec NetRecon can identify the Microsoft SQL*Server 2000 Resolution Services that contain multiple vulnerabilities. These vulnerabilities allow denial of service attacks as well as possible execution of arbitrary code through buffer overflow attacks.
  
  
• SQL*Server 2000 sp_MScopyscript stored procedure fails to validate input
  
  Symantec NetRecon can identify the Microsoft SQL*Server 2000 sp_MScopyscript on network resources. Microsoft SQL*Server 2000 fails to validate input, which may allow attackers to execute arbitrary code and gain privileged access to stored procedures in the SQL database.
  
  
• SQL*Server 7.0 authentication engine vulnerable to buffer overflow attacks
  
  Symantec NetRecon can identify the authentication engine for the Microsoft SQL*Server 7.0. The authentication engine is vulnerable to buffer overflow attacks that may let attackers execute arbitrary code and gain privileged access to the stored procedure, or cause a denial of service for the SQL service.
  
  
• Server 2000 authentication engine vulnerable to buffer overflow attacks
  
  Symantec NetRecon can identify the authentication engine for the Microsoft SQL*Server 2000. The authentication engine is vulnerable to buffer overflow attacks that may let attackers execute arbitrary code and gain privileged access to the stored procedure, or cause a denial of service for the SQL service.
  
  

New Features and Enhancements

• The Symantec NetRecon command-line interface (CLI) can now accept license key information. Four options are required to successfully register the license key using the CLI. For details, see the Security Update 1 Release Notes.
  
  
• You must now use options to specify .NRD files when using the command-line interface. For details, see the Security Update 1 Release Notes.