Descargar

Segurança em servidores de bancos de dados, técnicas de invasão e proteção (página 3)


Partes: 1, 2, 3

Anexo 2 – Lista de bugs corrigidos no SQL Server 2000 Service Pack 4 314128 FIX: Access violation occurs when an RPC call is made that includes a bit parameter value that is not valid 317989 FIX: Sqlakw32.dll may corrupt SQL statements 319477 FIX: Extremely large number of user tables on AWE system may cause BPool::Map errors 328551 FIX: Concurrency enhancements for the tempdb database 331885 FIX: Update/Delete statement fails with Error: 1203 during page lock escalation 331965 FIX: The xp_readmail extended stored procedure overwrites attachment that already exists 331968 FIX: The xp_readmail and xp_findnextmsg extended stored procedures do not read mail in time received order 332004 FIX: SQL Server scalability may be limited if AWE is enabled 891719 FIX: You receive a 17803 error message when you run a SORT or CREATE INDEX operation on a computer that has several GB of physical RAM from SQL Server 2000 810026 FIX: A DELETE statement with a self-join may fail and you receive a 625 error 810052 FIX: A memory leak occurs when cursors are opened during a connection 810072 FIX: Merge replication reconciler stack overflow 810140 FIX: A cursor DECLARE statement with a binary large object (text/ntext/image) parameter may cause an access violation 810163 FIX: An access violation occurs if an sp_cursoropen call references a parameter that is not defined 810526 FIX: Cursors that have a long lifetime may cause memory fragmentation 810688 FIX: Merge Agent can resend changes for filtered publications 810920 FIX: The JOIN queries in the triggers that involve the inserted table or the deleted table may return results that are not consistent 811052 FIX: Latch time-out message 845 occurs when you perform a database or file SHRINK operation 811188 FIX: The merge replication agent stops responding when you perform merge replication between a SQL Server database and a SQL Server CE database by using a custom conflict resolver 811205 FIX: An error message occurs when you perform a database or a file SHRINK operation 811467 FIX: A Unicode LIKE predicate with binary collation may return incorrect results 811476 BUG: Rollback fails with errors 3314 and 9001 if you enlist multiple connections in the same transaction 811611 FIX: Reinitialized SQL Server CE 2.0 subscribers may experience data loss and non- convergence 811703 FIX: Unexpected results from partial aggregations based on conversions 812250 FIX: Indexed view may cause a handled access violation in CIndex::SetLevel1Names 812393 FIX: UPDATE or DELETE statement fails with error 1203 during row lock escalation 812798 FIX: A UNION ALL view may not use index if partitions are removed at compile time 812995 FIX: A query with an aggregate function may fail with a 3628 error 813146 FIX: A scan of each partition table may be performed when you run an UPDATE statement on the partitioning column of a partitioned view 813412 FIX: xp_readmail returns NULL in the attachment column if the attachment's type is Message Format 813494 FIX: Distribution Agent fails with "violation of primary key constraint" error message 813524 FIX: OLE DB conversion errors may occur after you select a literal string that represents datetime data as a column 813759 FIX: A large number of NULL values in join columns result in slow query performance 813769 FIX: You may experience slow performance when you debug a SQL Server service 813779 FIX: A DML operation on a large table can cause performance problems 814032 FIX: Merge publications cannot synchronize on SQL Server 2000 Service Pack 3 814035 FIX: A full-text population fails after you apply SQL Server 2000 Service Pack 3 814113 FIX: DTS Designer may generate an access violation after you install SQL Server 2000 Service Pack 3 814460 FIX: Merge replication with alternate synchronization partners may not succeed after you change the retention period 814509 FIX: A parallel query with a COUNT aggregate function may return unexpected results 814654 FIX: Error 1203 may be logged in the error log when you disconnect from an instance of SQL Server 2000 after you submit queries or transactions 814665 FIX: SQL Server assertion: "nret == FALSE" occurs when you insert or update table data in SQL Server 2000 814889 FIX: A DELETE statement with a JOIN might fail and you receive a 625 error 814893 FIX: Error message: "Insufficient key column information for updating" occurs in SQL Server 2000 SP3 814894 FIX: The xp_readmail stored procedure only saves the text of an embedded attachment 814916 FIX: Merge Agent for a filtered publication might fail 814919 FIX: No message appears when a blank password is set for a system administrator login in SQL Server Enterprise Manager 814950 FIX: A computer might transmit nonencrypted data when clients use the Multiprotocol Net-Library with the encryption option enabled 814997 FIX: The header information may not be included when the query parameter has a COMPUTE clause 815056 FIX: The checkpoint process can delay SQL Server database activity and does not yield Scheduler correctly causing Error: 17883 to occur 815057 FIX: SQL Server 2000 Uninstall option does not remove all files 815114 FIX: Excessive Optimizer memory consumption may occur for queries that have multiple OUTER JOINS 815115 FIX: A DTS package that uses global variables ignores error message raised by RAISERROR 815199 FIX: Profiler does not report CPU column value for RPC:Completed events correctly 815249 FIX: Performance of a query that is run from a client program on a SQL Server SP3 database is slow after you restart the instance of SQL Server 815476 FIX: The spacing may not be correct when you run xp_sendmail and the query parameter contains a COMPUTE clause 815592 FIX: Incorrect remoting of a predicate as a Sub-SELECT function after SQL Server 2000 Service Pack 3 upgrade 815593 FIX: Incorrect cardinality estimates for NOT EXISTS predicates after you upgrade to SQL Server 2000 Service Pack 3 816039 FIX: Code point comparison semantics for SQL_Latin1_General_Cp850_BIN collation 816069 FIX: A query with a large IN clause can cause concurrency issues 816084 FIX: sysindexes.statblob column may be corrupted after you run a DBCC DBREINDEX statement 816440 FIX: Error 8623 is raised when SQL Server compiles a complex query 816503 FIX: Floating point exception (Error 3628) might occur for queries that need merged histograms 816780 FIX: Merge Agent failures with articles that have indexed views defined 816834 FIX: Osql.exe may not run batches as fast as other ODBC-based applications 816840 FIX: Error 17883 may display message text that is not correct 816883 FIX: SQL Server optimizer may underestimate the cardinality of range queries 816937 FIX: A memory leak may occur when you use the sp_OAMethod stored procedure to call a method of a COM object 816985 FIX: You cannot install SQL Server 2000 SP3 on the Korean version of SQL Server 2000 817081 FIX: You receive an error message when you use the SQL-DMO BulkCopy object to import data into a SQL Server table 817186 FIX: A query that performs join operations between multiple tables may return incorrect results 817262 FIX: Complex query may not create an execution plan 817263 FIX: A SELECT statement against a view might not return qualifying rows 817359 FIX: An access violation may occur when you run an INSERT statement in an nText column 817368 FIX: An INSERT or UPDATE that results in a page split might fail with Error 818 817464 FIX: Using Sp_executesql in Merge Agent operations 817709 FIX: SQL Server 2000 might produce an incorrect cardinality estimate for outer joins 817780 FIX: A complex query is not successful on a server that has more than 2 GB of memory 818079 FIX: SQL Profiler displays incorrect TextData value when you run a nested stored procedure by using a Remote Procedure Call 818095 FIX: Cursor plans are not removed from the cache when virtual memory depleted 818096 FIX: Many extent lock time-outs may occur during extent allocation 818097 FIX: An access violation may occur when you run DBCC DBREINDEX on a table that has hypothetical indexes 818188 FIX: Query on the sysmembers virtual table may fail with a stack overflow 818335 FIX: A query may run slowly if the query contains a multi-table join and one of the joins is a view 818388 FIX: A Transact-SQL statement that is embedded in the database name runs with system administrator permissions 818414 FIX: The Sqldumper.exe file does not generate a userdump file when it runs against a Windows service 818540 FIX: SQL Server Enterprise Manager quits unexpectedly when you modify a DTS package 818729 FIX: Internal query processor Error 8623 when Microsoft SQL Server tries to compile a plan for a complex query 818766 FIX: Intense SQL Server activity results in spinloop wait 818767 FIX: Improved CPU usage for database logging when transaction log stalls occur 818768 FIX: Cannot set SQL Server instance specific network affinity 818769 FIX: Trace flag -T8002 treats an affinity mask like a process affinity 818772 FIX: Cannot set the network affinity for an instance of SQL Server 2000 Service Pack 3 818806 FIX: Some Named Pipes features are not disabled after you disable the Named Pipes protocol 818897 FIX: Invalid TDS sent to SQL Server results in access violation 818899 FIX: Error message 3628 may occur when you run a complex query 819100 MDAC Cliconfg.* files are not upgraded after you install SQL Server 2000 SP3a 819248 FIX: An access violation exception may occur when you insert a row in a table that is referenced by indexed views in SQL Server 2000 819662 FIX: Distribution Cleanup Agent incorrectly cleans up entries for anonymous Subscribers 819829 FIX: When you run a program or a Web browser script that uses the Command object in the ADO programming interface to run a SQL Server stored procedure, you may receive an "EXECUTE permission denied on object…" error message in SQL Server 2000 819955 FIX: Using xp_sendmail with a COMPUTE clause causes an access violation 820727 FIX: A long-running cursor fetch may lead to an assertion failure when you try to access a SQL Server 2000 database from an application 820835 FIX: SQL Server might take a long time to recover after an abrupt or unexpected server shutdown 820837 FIX: Allocation caching mechanisms enable faster allocation of pages to objects 821280 MS03-031: Security patch for SQL Server 2000 64-bit 821334 FIX: Issues that are resolved in SQL Server 2000 build 8.00.0859 821337 FIX: Localized versions of SQL Mail and the Web Assistant Wizard may not work as expected in SQL Server 2000 64 bit 821535 FIX: Merge replication fails with Error 207 while generating a snapshot 821537 FIX: A deadlock condition may occur when you perform an UPDATE operation or a DELETE operation against a remote OLE DB provider in SQL Server 2000 821548 FIX: A parallel query may generate an access violation after you install SQL Server 2000 SP3 821688 FIX: A query filter condition that has a LEFT OUTER JOIN clause may cause an incorrect row count estimate in the query execution plan 821740 FIX: MS DTC transaction commit operation blocks itself 821741 FIX: Lock monitor exception in DeadlockMonitor::ResolveDeadlock 821806 FIX: SQL Server may generate an incorrect SQL script for a table constraint when you use the "Generate SQL Script" option in Enterprise Manager 822033 FIX: A parameterized UNION query inside a stored procedure returns incorrect results 822641 Additional diagnostics added to diagnose long-running or canceled database autogrow operations in SQL Server 822668 FIX: "Connection is busy with results for another command" error message occurs when you run a linked server query 822746 FIX: Incorrect results from a parallel query that uses a UNION and variables or parameters 822747 FIX: Error 644 or 8646 may occur during a DELETE or UPDATE against a table that contains a Unicode column with a Latin1_General_BIN collation 822757 FIX: An Insert Select command with OPENXML and a SQL_VARIANT type can cause Error 2537 to occur 823429 FIX: You receive error message 7410 when you use a distributed query as a query parameter for the xp_sendmail stored procedure or the sp_makewebtask stored procedure in SQL Server 2000 823455 FIX: Visual Basic raises a syntax error when you try to compile a file that was created when you saved a DTS package 823514 FIX: Build 8.00.0837: A query that contains a correlated subquery runs slowly 823877 FIX: An access violation may occur when you run a query that contains 32,000 or more OR clauses 824018 FIX: Parallel query that uses an indexed bit column may return results that are not correct 824027 FIX: A cursor with a large object parameter may cause an access violation on CStmtCond::XretExecute 824028 FIX: An OUTER or SEMI JOIN query that results in hash role reversal followed by a spill may return incorrect results 824227 FIX: A SELECT statement that contains computed columns and invalid filter condition values may cause an access violation 824430 FIX: Performance decreases over time when you back up files in SQL Server 2000 825019 FIX: A linked server query fails with the error message "Statement(s) could not be prepared" in SQL Server 2000 825025 FIX: You cannot synchronize between a replication publisher and a replication republisher 825042 FIX: SQL Server jobs that are owned by non-sysadmin users may not start 825043 FIX: Rows are unexpectedly deleted when you run a distributed query to delete or to update a linked server table 825045 FIX: The Merge Agent takes a long time to download new data when it runs on a new anonymous subscription 825197 FIX: You receive error 3624 and the user database is marked suspect after you perform a bulk insert operation in SQL Server 2000 825225 FIX: You receive an error message when you run a parallel query that uses an aggregation function or the GROUP BY clause 825854 FIX: No exclusive locks may be taken if the DisAllowsPageLocks value is set to true 825883 FIX: The TextData column of the SP:StmtStarting event and the SP:StmtCompleted event displays the dynamic Transact-SQL statement even when the stored procedure is encrypted 825884 FIX: The dynamic query statement appears in the query execution plan of an encrypted stored procedure 826080 FIX: SQL Server 2000 protocol encryption applies to JDBC clients 826161 FIX: You are prompted for password confirmation after you change a standard SQL Server login 826364 FIX: A query with a LIKE comparison results in a non-optimal query plan when you use a Hungarian SQL Server collation 826376 FIX: An access violation may occur when you remove all elements from the procedure cache for a linked server over an interrupted remote access connection 826433 PRB: Additional SQL Server diagnostics added to detect unreported I/O problems 826754 FIX: A deadlock occurs if you run an explicit UPDATE STATISTICS command 826815 FIX: You receive an 8623 error message in SQL Server when you try to run a query that has multiple correlated subqueries 826822 FIX: A member of the db_accessadmin fixed database role can create an alias for the dbo special user 826860 FIX: Linked server query may return NULL if it is performed through a keyset cursor 827175 FIX: Incorrect parameter numbering occurs in custom stored procedures that are generated with the sp_scriptpublicationcustomprocs stored procedure 827178 FIX: You may receive a 644 error message when you run concurrent transactions on a heap 827714 FIX: A query may fail with retail assertion when you use the NOLOCK hint or the READ UNCOMMITTED isolation level 827954 FIX: Slow execution times may occur when you run DML statements against tables that have cascading referential integrity 828096 FIX: Key locks are held until the end of the statement for rows that do not pass filter criteria 828269 FIX: A Transact-SQL query that uses views may fail unexpectedly in SQL Server 2000 SP3 828308 FIX: An Internet Explorer script error occurs when you access metadata information by using DTS in SQL Server Enterprise Manager 828637 FIX: Users can control the compensating change process in merge replication 828699 FIX: An access violation occurs when you run DBCC UPDATEUSAGE on a database that has many objects 828945 FIX: You cannot insert explicit values in an IDENTITY column of a SQL Server table by using the SQLBulkOperations function or the SQLSetPos ODBC function in SQL Server 2000 829183 FIX: The xp_sendmail extended stored procedure returns incorrect result set column widths when data in one of the result set columns contain DBCS characters in SQL Server 2000 829205 FIX: Query performance may be slow and may be inconsistent when you run a query while another query that contains an IN operator with many values is compiled 829386 FIX: You cannot install MSDE 2000 if the Server service is not running 829444 FIX: A floating point exception occurs during the optimization of a query 830262 FIX: Unconditional update may not hold key locks on new key values 830298 FIX: SQL Server 2000 SP3 may generate slower query plans and bad cardinality estimates 830366 FIX: An access violation occurs in SQL Server 2000 when a high volume of local shared memory connections occur after you install security update MS03-031 830375 FIX: The global variable @@ERROR may return an incorrect value after a remote procedure call 830382 FIX: Distributed queries may incorrectly use SQL Server startup account permissions when SQL Server is running in fiber mode 830395 FIX: An access violation occurs during compilation if the table contains statistics for a computed column 830466 FIX: You may receive an "Internal SQL Server error" error message when you run a Transact-SQL SELECT statement on a view that has many subqueries in SQL Server 2000 830588 FIX: Access violation when you trace keyset-driven cursors by using SQL Profiler 830596 FIX: You receive an error message when the xp_logininfo extended stored procedure runs 830767 FIX: SQL Query Analyzer may stop responding when you close a query window or open a file 830773 FIX: You receive an EXCEPTION_ACCESS_VIOLATION error message when you try to save a DTS package in SQL Server 2000 830860 FIX: The performance of a computer that is running SQL Server 2000 degrades when query execution plans against temporary tables remain in the procedure cache 830887 FIX: Some queries that have a left outer join and an IS NULL filter run slower after you install SQL Server 2000 post-SP3 hotfix 830912 FIX: Key names read from an .ini file for a Dynamic Properties task may be truncated 831302 FIX: SQL Server underestimates the cardinality of a query expression and query performance may be slow 831675 FIX: You may receive incorrect results when you run a query that contains a UNION ALL operator, a TOP clause, and an ORDER BY clause 831950 FIX: You receive error message 3456 when you try to apply a transaction log to a server 831997 FIX: An invalid cursor state occurs after you apply Hotfix 8.00.0859 or later in SQL Server 2000 831999 FIX: An AWE system uses more memory for sorting or for hashing than a non-AWE system in SQL Server 2000 832437 FIX: A CHECKDB statement reports corruption after SQL Server transfers sql_variant data in SQL Server 2000 832977 FIX: The DBCC PSS command may cause access violations and 17805 errors in SQL Server 2000 833045 FIX: The xp_sendmail extended stored procedure does not run successfully in SQL Server 2000 SP2 or later 833406 FIX: Cardinality estimates for literals that are outside the histogram range are very low 833547 FIX: Restoring a SQL Server 7.0 database backup in SQL Server 2000 Service Pack 3 (SP3) may cause an assertion error in the Xdes.cpp file 833710 FIX: You receive an error message when you try to restore a database backup that spans multiple devices 834290 FIX: You receive a 644 error message when you run an UPDATE statement and the isolation level is set to READ UNCOMMITTED 834451 FIX: Restoring transaction log files takes longer than expected in SQL Server 2000 834453 FIX: The Snapshot Agent may fail after you make schema changes to the underlying tables of a publication 834688 FIX: You may receive a 913 error message if your query includes user-defined functions, derived tables, and JOINs 834720 Fix: An error in a remote procedure call does not roll back the local operation 834798 FIX: SQL Server 2000 may not start if many users try to log in to SQL Server when SQL Server is trying to start 834923 FIX: The SQL Server cluster resource may be marked as Fail when you try to take it offline 835864 FIX: Intermittent query slowdowns and corresponding high CPU utilization 836096 FIX: You may receive a 625 error message when you run a query that has a query plan that uses a nested loop join strategy 836136 FIX: The compile time for a query that uses at least one outer join may be greater for SQL Server post-SP3 builds 836141 FIX: An access violation exception may occur when SQL Server runs many parallel query processing operations on a multiprocessor computer 836839 FIX: Extended stored procedures in SQL Server 2000 may take longer to run when multiple users run the extended stored procedures at the same time 837231 FIX: Distribution Agent may fail after you add or drop a column for a published article 837401 FIX: Rows are not successfully inserted into a table when you use the BULK INSERT command to insert rows 837890 FIX: The CPU column in the sysprocesses system table contains a negative value or an abnormal variation for some processes 837957 FIX: When you use Transact-SQL cursor variables to perform operations that have large iterations, memory leaks may occur in SQL Server 2000 837969 FIX: You may receive an access violation in the CRowsetTraceData::FGetNextRow function when you trace server activity with SQL Profiler 837970 FIX: You may receive an "Invalid object name" error message when you run the DBCC CHECKCONSTRAINTS Transact-SQL statement on a table in SQL Server 2000 838409 FIX: SQL Server 2000 Service Pack 1 (SP1) and later builds may not generate an execution plan for a query, and you receive error message 8623 838459 FIX: You may receive a BPool::Map warning when you create or rebuild indexes by using the awe enabled configuration option 838460 FIX: The xp_logininfo procedure may fail with error 8198 after you install Q825042 or any hotfix with SQL Server 8.00.0840 or later 839096 FIX: An access violation exception may occur when you use PDH APIs to collect performance data for several instances of SQL Server at the same time 839280 FIX: SQL debugging does not work in Visual Studio .NET after you install Windows XP Service Pack 2 839458 FIX: An access violation exception may occur when you try to perform a Bulk Import operation to insert data in a SQL Server table 839523 FIX: An access violation exception may occur when you update a text column by using a stored procedure in SQL Server 2000 839529 FIX: 8621 error conditions may cause SQL Server 2000 64-bit to close unexpectedly 839589 FIX: The thread priority is raised for some threads in a parallel query 839688 FIX: Profiler RPC events truncate parameters that have a text data type to 16 characters 839884 FIX: A System.ExecutionEngineException exception occurs when you try to access the DTS DynamicPropertiesTaskAssignments collection 840166 FIX: The dynamic Snapshot Agent may fail when you use a dynamic snapshot for merge publications in SQL Server 2000 840208 FIX: You receive a "Msg 8649" error message when you execute the DBCC CHECKDB statement in SQL Server 2000 Service Pack 3 (SP3) 840406 FIX: Queries that join a view may run slowly if the view contains outer joins 840856 FIX: The MSSQLServer service exits unexpectedly in SQL Server 2000 Service Pack 3 841401 FIX: You may notice incorrect values for the "Active Transactions" counter when you perform multiple transactions on an instance of SQL Server 2000 that is running on an SMP computer 841404 FIX: You may receive a "The query processor could not produce a query plan" error message in SQL Server when you run a query that includes multiple subqueries that use self- joins 841627 FIX: SQL Server 2000 may underestimate the cardinality of a query expression under certain circumstances 841776 FIX: Additional diagnostics have been added to SQL Server 2000 to detect unreported read operation failures 843263 FIX: You may receive an 8623 error message when you try to run a complex query on an instance of SQL Server 843266 FIX: Shared page locks can be held until end of the transaction and can cause blocking or performance problems in SQL Server 2000 Service Pack 3 (SP3) 843267 FIX: Dynamic cursor retrieves the same row two times when you update the non- clustered index key to the same value 843282 FIX: The Osql.exe utility does not run a Transact-SQL script completely if you start the program from a remote session by using a background service and then log off the console session 843534 FIX: You may receive a 3628 error in SQL Server 2000 when you query many items that have an IN clause 867798 FIX: The @date_received parameter of the xp_readmail extended stored procedure incorrectly returns the date and the time that an e-mail message is submitted by the sender in SQL Server 2000 867878 FIX: The Log Reader Agent may cause 17883 error messages 867879 FIX: Merge replication non-convergence occurs with SQL Server CE subscribers 867880 FIX: Merge Agent may fail with an "Invalid character value for cast specification" error message 870972 FIX: The performance of a DML operation that fires a trigger may decrease when the trigger execution plan recompiles repeatedly 870994 FIX: An access violation exception may occur when you run a query that uses index names in the WITH INDEX option to specify an index hint 872842 FIX: A CHECKDB statement reports a 2537 corruption error after SQL Server transfers data to a sql_variant column in SQL Server 2000 872843 FIX: The Log Reader Agent may fail and you receive an assertion error message 873446 FIX: An access violation exception may occur when multiple users try to perform data modification operations at the same time that fire triggers that reference a deleted or an inserted table in SQL Server 2000 on a computer that is running SMP 873482 FIX: The restore process may take longer to complete when SQL Server 2000 restores transaction log files as part of the log shipping process 875445 FIX: An access violation exception may occur when you try to access SQL Server on a computer that is running under low memory conditions 878500 FIX: An Audit Object Permission event is not produced when you run a TRUNCATE TABLE statement 878501 FIX: You may receive an error message when you run a SET IDENTITY_INSERT ON statement on a table and then try to insert a row into the table in SQL Server 2000 883415 FIX: A user-defined function returns results that are not correct for a query 884554 FIX: A SPID stops responding with a NETWORKIO (0x800) waittype in SQL Server Enterprise Manager when SQL Server tries to process a fragmented TDS network packet 884772 FIX: You may receive a 1203 error message when you perform a complex select query in SQL Server 2000 build 856 or a later version 884850 FIX: When you run ad-hoc queries in Microsoft SQL Server 2000, ad-hoc query processing performance degradation may occur 884853 FIX: Performance is slow when you update a subscribed table on a subscriber that uses queued updating in SQL Server 2000 884854 FIX: You receive the "Could not find stored procedure" error message when you perform transactional replication with queued updating in SQL Server 2000 884855 FIX: You receive an error message when you run a statement on a table that contains a trigger in SQL Server 2000 884856 FIX: The non-clustered index is corrupted after you perform a self-update query in SQL Server 2000 884864 FIX: You may receive incorrect results when you run a query in SQL Server 2000 885158 FIX: Section names are truncated to a total length of 254 characters when you use Data Transformation Services to create a Dynamic Properties task and you add an .ini file in SQL Server 2000 885290 FIX: An assertion error occurs when you insert data in the same row in a table by using multiple connections to an instance of SQL Server 885442 FIX: You receive a "Server: Msg 8624, Level 16, State 1, Line 3 Internal SQL Server error" error message when you compile a delete query that contains sub-queries that use NOT IN clauses in SQL Server 2000 886708 FIX: Inserting lots of text, ntext, or image data over multiple concurrent connections takes a long time in SQL Server 2000 887974 FIX: A fetch on a dynamic cursor can cause unexpected results in SQL Server 2000 Service Pack 3 888008 FIX: Full-text queries that use the NEAR operator may return different results if the NEAR operands are reversed in SQL Server 2000 888429 FIX: LIKE pattern matching may consider half-width and full-width characters to be equal even if width-sensitive collation is specified 888444 FIX: You receive a 17883 error in SQL Server 2000 Service Pack 3 or in SQL Server 2000 Service Pack 3a when a worker thread becomes stuck in a registry call 888998 FIX: A query that joins two tables on smalldatetime data type columns, may produce incorrect results in SQL Server 2000 889166 FIX: You receive a "Msg 3628" error message when you run an inner join query in SQL Server 2000 889170 FIX: You receive a "Not enough storage is available to complete this operation" error message when you run a Data Transformation Services package in SQL Server 2000 889239 FIX: Start times in the SQL Profiler are different for the Audit:Login and Audit:Logout events in SQL Server 2000 889266 FIX: A database is marked suspect when you open the database in SQL Server 2000 889314 FIX: Non-convergence may occur in a merge replication topology if the primary connection to the publisher is disconnected 890200 FIX: SQL Server 2000 stops listening for new TCP/IP Socket connections unexpectedly after error message 17882 is written to the SQL Server 2000 error log 890637 FIX: A 17883 error is written to the SQL Server 2000 error log and the LogWriter component does not yield correctly 890730 FIX: You receive a 17883 error message when you perform large in-memory sort operations in SQL Server 2000 890755 FIX: A "Server: Msg 7105" error message is repeatedly logged in the error log, assertions may be logged in the error log, and you receive a "Server: Msg 8929" error message in SQL Server 2000 890767 FIX: You receive a "Server: Msg 107, Level 16, State 3, Procedure TEMP_VIEW_Merge, Line 1" error message when the sum of the length of the published column names in a merge publication exceeds 4,000 characters in SQL Server 2000 890768 FIX: You experience non-convergence in a replication topology when you unpublish or drop columns from a dynamically filtered publication in SQL Server 2000 890925 FIX: The @@ERROR system function may return an incorrect value when you execute a Transact-SQL statement that uses a parallel execution plan in SQL Server 2000 32- bit or in SQL Server 2000 64-bit 890942 FIX: Some complex queries are slower after you install SQL Server 2000 Service Pack 2 or SQL Server 2000 Service Pack 3 891017 FIX: SQL Server 2000 may stop responding to other requests when you perform a large deallocation operation 891201 FIX: Performance is significantly reduced when you set trace flag 9134 to prevent error message 601 in SQL Server 2000 891268 FIX: You receive a 17883 error message and SQL Server 2000 may stop responding to other requests when you perform large in-memory sort operations 891707 FIX: A decrease in ad-hoc query processing may occur when you submit many ad- hoc queries without using defined parameters in SQL Server 2000 892406 FIX: The setting for the precision and the scale of the data that is returned from a stored procedure output parameter is (38,0) when a null value is returned in SQL Server 2000 892451 BUG: You receive an "EXCEPTION_ACCESS_VIOLATION" error message when you use a RIGHT OUTER JOIN clause in SQL Server 2000 892924 FIX: You receive a 7619 error message when you run a full text query that contains certain Japanese character strings on an instance of SQL Server 2000 that is running on a Windows 2000-based computer Base: http://support.microsoft.com/kb/888799/en-us Anexo 3 – O Manifesto de um Hacker Por "The Mentor" Mais um foi pego hoje, está por toda parte nos jornais. "Adolescente Preso em Escândalo de Crime de Computador", "Hacker preso depois de trapaça em Banco". "Crianças malditas", "Crianças imbecis". "Eles são todos iguais". Mas você em sua psicologia de três ângulos e pensamento de 1950, alguma vez olhou através dos olhos de um hacker? Você já imaginou o que o faz agir, quais forças o motivam, o que o tornou assim? Eu sou um hacker, entre em meu mundo. Meu mundo é aquele que começa na escola. Eu sou mais inteligente que a maioria das outras crianças, esta besteira que nos ensinam me chateia. "Maldição". Eles são todos iguais. Eu estou na escola primária ou secundária. Eu escutei os professores explicarem pela qüinquagésima vez como reduzir uma fração. Eu entendo isto. "Não, Sra. Smith, eu não mostrei meu trabalho. Eu o fiz em minha cabeça". "Criança maldita". "Provavelmente copiou isto. Eles são todos iguais". Eu fiz uma descoberta hoje. Eu encontrei um computador. Espere um segundo, isto está legal. Faz o que eu quero. Comete-se um engano, é porque eu estraguei isto. Não porque não gosta de mim, ou sente atração por mim, ou pensa que sou inteligente, ou não gosta de ensinar e não deveria estar aqui. Criança maldita. Tudo que ele faz é jogar jogos. Eles são todos iguais. E então aconteceu… Uma porta abriu-se para um mundo… Surfando rapidamente pela linha telefônica como heroína pelas veias de um viciado, uma pulsação eletrônica é enviada, um refúgio para a incompetência do dia-a-dia… Encontramos uma BBS. "É isto… Este é o mundo ao qual pertenço…" Eu conheço todos aqui… Até mesmo se eu nunca tenha falado com eles, mesmo que nunca mais vá ter notícias novamente deles… Eu o conheço todos… Crianças malditas. Prendendo a linha telefônica novamente. Eles são todos iguais… Você acertou seu babaca nós somos todo iguais… Na escola nós comíamos comida de bebê quando nós tínhamos fome de carne… Os pedaços de carne que você deixou passar foi pré-mastigado e sem gosto. Nós fomos dominados por sádicos, ou ignorados pelo apático. Os poucos que tiveram algo a nos ensinar quando crianças acharam os alunos dispostos a tudo, mas esses poucos são como gotas d'água no deserto. Agora este é o nosso mundo… O mundo eletrônico, a beleza da transmissão eletrônica. Nós fazemos uso de um serviço que já existe sem pagar o que poderia ser muito caro se não fosse usado por gulosos aproveitadores, e você nos chama os criminosos. Nós exploramos… E você nos chama de criminosos. Nós buscamos por conhecimento… E você nos chama de criminosos. Nós existimos sem cor de pele, sem nacionalidade, sem preconceito religioso… E você nos chama de criminosos. Você constrói bombas atômicas, você empreende guerras, você assassina, engana, e mente a nós e tenta nos fazer acreditar que é para nosso próprio bem, contudo nós somos os criminosos. Sim, eu sou um criminoso. Meu crime é a curiosidade. Meu crime é o de julgar as pessoas pelo que eles dizem e pensam não como eles se parecem. Meu crime é desafiar e enganar vocês, algo que você nunca me perdoará. Eu sou um hacker, e este é meu manifesto. Você pode parar este indivíduo, mas você não nos pode parar todos nós… Afinal de contas, nós somos todos iguais.

Este foi o último artigo publicado pelo hacker "The Mentor".

Lista de abrevitauras e siglas

ACK: Acknowledge, Reconhecimento; ACL: Access Control List, Lista de Controle de Acesso; ASP: Active Server Pages, Páginas Ativas no Servidor; GPL: General Public License, Licença Pública Geral; GUI: Graphical User Interface, Interface Gráfica do Utilizador; HTML: HyperText Markup Language, Linguagem de Marcação de Hipertexto; ICMP: Internet Control Message Protocol IIS: Internet Information Services; IP: Internet Protocol, Protocolo de Internet; LGPL: Lesser General Public License; NTFS: New Technology File System; PHP: PHP: Hypertext Preprocessor; RAID: Redundant Array of Independent Drives (ou Disks); SDK: Software Development Kit, Kit de Desenvolvimento de Software; SGBD: Sistema Gerenciador de Banco de Dados; SMB: Server Message Block; SO: Sistema Operacional; SQL: Structured Query Language, Linguagem de Consulta Estruturada; TCP: Transmission Control Protocol; UDP: User Datagram Protocol; URL: Uniform Resource Locator; WEB: World Wide Web, Grande Rede de Computadores;

Agradecimentos

Aos meus pais pela educação, pelo apoio e presença em minha vida; Aos meus irmãos, pela união, pela torcida, e pela estrutura familiar; Aos demais familiares, pela confiança; A Professora Daniela Luchesi, pela orientação; Aos demais professores, pelo empenho; Aos colegas de sala, pela contribuição.

UNINOVE UNIVERSIDADE NOVE DE JULHO. SEGURANÇA EM SERVIDORES DE BANCOS DE DADOS, TÉCNICAS DE INVASÃO E PROTEÇÃO

Orientadora: Profª Daniela Luchesi.

Bauru – SP. 2008.

 

 

 

Autor:

Munari, Luiz Marcelo Fernandes.

Partes: 1, 2, 3
 Página anterior Volver al principio del trabajoPágina siguiente