Hollie  Ratke

Hollie Ratke

1597554000

Critical Intel Flaw Afflicts Several Motherboards, Server Systems, Compute Modules

Intel is warning of a rare critical-severity vulnerability affecting several of its motherboards, server systems and compute modules. The flaw could allow an unauthenticated, remote attacker to achieve escalated privileges.

The recently patched flaw (CVE-2020-8708) ranks 9.6 out of 10 on the CVSS scale, making it critical. Dmytro Oleksiuk, who discovered the flaw, told Threatpost that it exists in the firmware of Emulex Pilot 3. This baseboard-management controller is a service processor that monitors the physical state of a computer, network server or other hardware devices via specialized sensors.

Click to register!

Emulex Pilot 3 is used by various motherboards, which aggregate all the server components into one system. Also impacted are various server operating systems, and some Intel compute modules, which are electronic circuits, packaged onto a circuit board, that provide various functions.

The critical flaw stems from improper-authentication mechanisms in these Intel products before version 1.59.

In bypassing authentication, an attacker would be able to access to the KVM console of the server. The KVM console can access the system consoles of network devices to monitor and control their functionality. The KVM console is like a remote desktop implemented in the baseboard management controller – it provides an access point to the display, keyboard and mouse of the remote server, Oleksiuk told Threatpost.

The flaw is dangerous as it’s remotely exploitable, and attackers don’t need to be authenticated to exploit it – though they need to be located in the same network segment as the vulnerable server, Oleksiuk told Threatpost.

“The exploit is quite simple and very reliable because it’s a design flaw,” Oleksiuk told Threatpost.

Beyond this critical flaw, Intel also fixed bugs tied to 22 critical-, high-, medium- and low-severity CVEs affecting its server board, systems and compute modules. Other high-severity flaws include a heap-based overflow (CVE-2020-8730) that’s exploitable as an authenticated user; incorrect execution-assigned permissions in the file system (CVE-2020-8731); and a buffer overflow in daemon (CVE-2020-8707) — all three of which enable escalated privileges.

intel flaw

Click to enlarge.

Oleksiuk was credited with reporting CVE-2020-8708, as well as CVE-2020-8706, CVE-2020-8707. All other CVEs were found internally by Intel.

Affected server systems include: The R1000WT and R2000WT families, R1000SP, LSVRP and LR1304SP families and R1000WF and R2000WF families.

Impacted motherboards include: The S2600WT family, S2600CW family, S2600KP family, S2600TP family, S1200SP family, S2600WF family, S2600ST family and S2600BP family.

Finally, impacted compute modules include: The HNS2600KP family, HNS2600TP family and HNS2600BP family. More information regarding patches is available in Intel’s security advisory.

Intel also issued an array of other security advisories addressing high-severity flaws across its product lines, including ones that affect Intel Graphics Drivers, Intel’s RAID web console 3 for Windows, Intel Server Board M10JNP2SB and Intel NUCs.

#vulnerabilities #compute module #critical flaw #cve-2020-8708 #intel #intel critical flaw #intel flaw #intel motherboard #intel server board #patch #privilege escalation #security vulnerability #server system

What is GEEK

Buddha Community

Critical Intel Flaw Afflicts Several Motherboards, Server Systems, Compute Modules
Hollie  Ratke

Hollie Ratke

1597554000

Critical Intel Flaw Afflicts Several Motherboards, Server Systems, Compute Modules

Intel is warning of a rare critical-severity vulnerability affecting several of its motherboards, server systems and compute modules. The flaw could allow an unauthenticated, remote attacker to achieve escalated privileges.

The recently patched flaw (CVE-2020-8708) ranks 9.6 out of 10 on the CVSS scale, making it critical. Dmytro Oleksiuk, who discovered the flaw, told Threatpost that it exists in the firmware of Emulex Pilot 3. This baseboard-management controller is a service processor that monitors the physical state of a computer, network server or other hardware devices via specialized sensors.

Click to register!

Emulex Pilot 3 is used by various motherboards, which aggregate all the server components into one system. Also impacted are various server operating systems, and some Intel compute modules, which are electronic circuits, packaged onto a circuit board, that provide various functions.

The critical flaw stems from improper-authentication mechanisms in these Intel products before version 1.59.

In bypassing authentication, an attacker would be able to access to the KVM console of the server. The KVM console can access the system consoles of network devices to monitor and control their functionality. The KVM console is like a remote desktop implemented in the baseboard management controller – it provides an access point to the display, keyboard and mouse of the remote server, Oleksiuk told Threatpost.

The flaw is dangerous as it’s remotely exploitable, and attackers don’t need to be authenticated to exploit it – though they need to be located in the same network segment as the vulnerable server, Oleksiuk told Threatpost.

“The exploit is quite simple and very reliable because it’s a design flaw,” Oleksiuk told Threatpost.

Beyond this critical flaw, Intel also fixed bugs tied to 22 critical-, high-, medium- and low-severity CVEs affecting its server board, systems and compute modules. Other high-severity flaws include a heap-based overflow (CVE-2020-8730) that’s exploitable as an authenticated user; incorrect execution-assigned permissions in the file system (CVE-2020-8731); and a buffer overflow in daemon (CVE-2020-8707) — all three of which enable escalated privileges.

intel flaw

Click to enlarge.

Oleksiuk was credited with reporting CVE-2020-8708, as well as CVE-2020-8706, CVE-2020-8707. All other CVEs were found internally by Intel.

Affected server systems include: The R1000WT and R2000WT families, R1000SP, LSVRP and LR1304SP families and R1000WF and R2000WF families.

Impacted motherboards include: The S2600WT family, S2600CW family, S2600KP family, S2600TP family, S1200SP family, S2600WF family, S2600ST family and S2600BP family.

Finally, impacted compute modules include: The HNS2600KP family, HNS2600TP family and HNS2600BP family. More information regarding patches is available in Intel’s security advisory.

Intel also issued an array of other security advisories addressing high-severity flaws across its product lines, including ones that affect Intel Graphics Drivers, Intel’s RAID web console 3 for Windows, Intel Server Board M10JNP2SB and Intel NUCs.

#vulnerabilities #compute module #critical flaw #cve-2020-8708 #intel #intel critical flaw #intel flaw #intel motherboard #intel server board #patch #privilege escalation #security vulnerability #server system

Ruth  Nabimanya

Ruth Nabimanya

1620633584

System Databases in SQL Server

Introduction

In SSMS, we many of may noticed System Databases under the Database Folder. But how many of us knows its purpose?. In this article lets discuss about the System Databases in SQL Server.

System Database

Fig. 1 System Databases

There are five system databases, these databases are created while installing SQL Server.

  • Master
  • Model
  • MSDB
  • Tempdb
  • Resource
Master
  • This database contains all the System level Information in SQL Server. The Information in form of Meta data.
  • Because of this master database, we are able to access the SQL Server (On premise SQL Server)
Model
  • This database is used as a template for new databases.
  • Whenever a new database is created, initially a copy of model database is what created as new database.
MSDB
  • This database is where a service called SQL Server Agent stores its data.
  • SQL server Agent is in charge of automation, which includes entities such as jobs, schedules, and alerts.
TempDB
  • The Tempdb is where SQL Server stores temporary data such as work tables, sort space, row versioning information and etc.
  • User can create their own version of temporary tables and those are stored in Tempdb.
  • But this database is destroyed and recreated every time when we restart the instance of SQL Server.
Resource
  • The resource database is a hidden, read only database that holds the definitions of all system objects.
  • When we query system object in a database, they appear to reside in the sys schema of the local database, but in actually their definitions reside in the resource db.

#sql server #master system database #model system database #msdb system database #sql server system databases #ssms #system database #system databases in sql server #tempdb system database

Ray  Patel

Ray Patel

1625843760

Python Packages in SQL Server – Get Started with SQL Server Machine Learning Services

Introduction

When installing Machine Learning Services in SQL Server by default few Python Packages are installed. In this article, we will have a look on how to get those installed python package information.

Python Packages

When we choose Python as Machine Learning Service during installation, the following packages are installed in SQL Server,

  • revoscalepy – This Microsoft Python package is used for remote compute contexts, streaming, parallel execution of rx functions for data import and transformation, modeling, visualization, and analysis.
  • microsoftml – This is another Microsoft Python package which adds machine learning algorithms in Python.
  • Anaconda 4.2 – Anaconda is an opensource Python package

#machine learning #sql server #executing python in sql server #machine learning using python #machine learning with sql server #ml in sql server using python #python in sql server ml #python packages #python packages for machine learning services #sql server machine learning services

Jermey  Padberg

Jermey Padberg

1594198020

Critical Intel Flaws Fixed in Active Management Technology

Intel has released its June security updates, which address two critical vulnerabilities that, if exploited, can give unauthenticated attackers elevated privileges.

The critical flaws exist in Intel’s Active Management Technology (AMT), which is used for remote out-of-band management of personal computers.

The two critical flaws (CVE-2020-0594 and CVE-2020-0595) exist in the IPv6 subsystem of AMT (and Intel’s Standard Manageability solution, which has a similar function as AMT). The flaws could potentially enable an unauthenticated user to gain elevated privileges via network access. AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 are affected.

CVE-2020-0594 is an out-of-bounds read flaw while CVE-2020-0595 is a use-after-free vulnerability. Both flaws ranks 9.8 out of 10.0 on the CVSS scale, making them critical.

A high-severity privilege escalation flaw, existing in the Intel Innovation Engine, was also patched. Innovation Engine is an embedded core in the Peripheral Controller Hub (PCH), that is a dedicated subsystem that system vendors can use to customize their firmware.

The flaw (CVE-2020-8675) stems from insufficient control flow management in the Innovation Engine’s firmware build and signing tool, before version 1.0.859, may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

A flaw was also fixed in Intel’s Solid State Drive (SSD) products, which allow information disclosure. The flaw (CVE-2020-0527) stems from insufficient control flow management in firmware for some Intel Data Center SSDs (a list of affected products can be found here).

The flaw “may allow a privileged user to potentially enable information disclosure via local access,” according to Intel.

Intel also fixed flaws in the BIOS firmware for some Intel Processors, which may enable escalation of privilege or denial of service (DoS). That includes a high-severity flaw (CVE-2020-0528) stemming from Improper buffer restrictions in the BIOS firmware for 7th, 8th, 9th and 10th Generation Intel Core processor families. In order to exploit this flaw, an attacker would need to be authenticated (for privilege escalation) and have local access (for DoS).

“Intel recommends that users update to the latest firmware version provided by the system manufacturer that addresses this issue,” according to the chip giant’s advisory.

Intel also fixed an array of high-severity flaws (including CVE-2020-0586CVE-2020-0542CVE-2020-0596,CVE-2020-0538CVE-2020-0534CVE-2020-0533CVE-2020-0566 and CVE-2020-0532)across its Converged Security and Manageability Engine (CSME), Server Platform Services (SPS), Trusted Execution Engine (TXE) and Dynamic Application Loader (DAL) products.

#critical flaw #intel security #intel security update #security

Loma  Baumbach

Loma Baumbach

1598296680

SQL Server System Databases - Basic Concepts

Introduction

The SQL Server design implies a one-to-many mapping between the database engine (instance) and the databases hosted on the instance. It means that you can deploy several databases on one instance of the SQL server. According to the Microsoft documentation, you can have up to 32767 databases on a single instance of SQL Server. Of course, there will be limitations, like the resources on the server, managing concurrency on TempDB, network traffic, etc.

Databases deployed on a SQL Server instance can either be System Databases or User Databases. System Databases come installed with the instance. In this article, we will discuss the purpose of each System database. Also, we’ll clarify what you need to care for when managing system databases on SQL Server.

Overview of System Databases

System databases are a part of many processes taking place when you install an instance of SQL Server. By default, these databases are created in the following paths:

%programfiles%\Microsoft SQL Server\MSSQL15.MSSQLSERVER\MSSQL\DATA

and

%programfiles%\Microsoft SQL Server\MSSQL15.MSSQLSERVER\MSSQL\Log

The path can be different. During the installation of SQL Server, you can specify the location of the system database files.

To list all the system databases in an instance, you can invoke the code in Listing 1. Listing 2 can be used to determine the location of the datafiles associated with the system databases. Note that in both scripts, we use a filter returning databases with database_id of 5 or higher than 5.

The essential “visible” system databases have database_ids 1,2,3,4 – they refer to master, tempdb, model, and msdb, respectively. There is also an “invisible” database called the resource databases and other system databases created when you enable features like replication.

-- Listing 1: System Databases
select 
name
,database_id
,create_date
,state_desc
,recovery_model_desc
,log_reuse_wait_desc
,physical_database_name
,is_db_chaining_on
,is_broker_enabled
,is_mixed_page_allocation_on
from sys.databases 
where database_id<5;

-- Listing 2: System Database Files
select 
name
,database_id
,DB_NAME(database_id)
,name
,physical_name
,type_desc
from sys.master_files 
where database_id<5;

Figure 1: System Databases

The master Database

The master database is the first database open on the start of SQL Server, containing the following data:

  • The records of the structure/configuration of the instance and all other databases.
  • The most dynamic management views that are necessary for monitoring the instance.

Thus, it has the information necessary for opening all other databases. That’s why it has to be first to open. The question is how to do it.

The SQL Server startup parameters contain two entries, which define the locations of the master database data and log files. The default startup parameters include only three lines – the third one is the error log file location. When SQL Server starts up, it must be able to write to that error log file.

The master database opens first. The information stored in the master database, including the configurations defined using sp_configure, applies to open other databases and complete the instance startup process.

Figure 2: SQL Server Configuration Manager

Figure 3: SQL Server Startup Parameters

There are several ways to learn about useful SQL Server system objects, like Dynamic Management Views and Functions.

For instance, expand the views or programmability nodes for the master database on object explorer. There, review these objects’ names and get more details from Books Online.

You can also migrate logins from one instance to another. For that, restore a backup of the master database to the destination instance. We’ll describe the specific technique in a separate article.

#sql server #sql server #sql server instance #sql server system databases #tutorial #database