Phase:The Microsoft Jet database engine allows an attacker to execute commands via a database query, aka the "VBA Shell" vulnerability.
ReferencesMS:MS99-030 | URL:http://www.microsoft.com/technet/security/bulletin/ms99-030.asp | XF:jet-vba-shell(3155) | URL:http://xforce.iss.net/static/3155.php | BID:548 | URL:http://www.securityfocus.com/bid/548
Votes:Modified (Friday, February 22, 2002-01)
Comments: ACCEPT(5) Prosser, Wall, Baker, Cole, Armstrong | MODIFY(1) Frech | REJECT(1) LeBlanc | REVIEWING(1) Christey
F7: LeBlanc> - same as CVE-1999-1011 | If I'm misunderstanding something here, please correct me. In fact, it has | the same bulletin as a reference. | Frech> XF:jet-vba-shell | Prosser> This entry is not the same as "now" CVE-1999-1011. That entry is "The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands." This one should be correct. | Christey> BUGTRAQ:19990525 Advisory: NT ODBC Remote Compromise | http://marc.theaimsgroup.com/?l=bugtraq&m=92765973107637&w=2 | NTBUGTRAQ:19990526 Advisory: NT ODBC Remote Compromise | http://marc.theaimsgroup.com/?l=ntbugtraq&m=92781907215748&w=2 | Christey> The Microsoft advisory itself describes two separate | vulnerabilities, calling the TEXT I-ISAM problem | (CVE-2000-0323) a variant of the VBA Shell problem (this | CAN). In addition, CVE-2000-0323 does *not* appear in Jet | 4.0, while this one does. Since one problem appears in a | different version than the other, CD:SF-LOC suggests keeping | these candidates SPLIT. | | BID:548 | http://www.securityfocus.com/bid/548 | CHANGE> [Christey changed vote from NOOP to REVIEWING] | Christey> Need to clarify whether the Bugtraq/NTBugtraq posts are | really describing the same issue (those are BID:286).