EUVD-2002-0637

Malware in sbrugna...

CVE-2000-1209

The "sa" account is installed with a default null password on 1 Microsoft SQL Server 2000, 2 SQL Server 7.0, and 3 Data Engine MSDE 1.0, including third party packages that use these products such as 4 Tumbleweed Secure Mail MMS 5 Compaq Insight Manager, and 6 Visio 2000, which allows remote...

CVE-2002-0643

The installation of Microsoft Data Engine 1.0 MSDE 1.0, and Microsoft SQL Server 2000 creates setup.iss files with insecure permissions and does not delete them after installation, which allows local users to obtain sensitive data, including weakly encrypted passwords, to gain privileges, aka "SQ...

Security Bulletin MS02-035: SQL Server Installation Process May Leave Passwords on System (Q263968)

-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: SQL Server Installation Process May Leave Passwords on System Q263968 Date: July 10, 2002 Software: Microsoft SQL Server 7.0, Microsoft Data Engine 1.0 MSDE 1.0, or SQL Server 2000...

Microsoft SQL Server and Microsoft Data Engine (MSDE) ship with a null default password

Overview Microsoft SQL Server and Microsoft Data Engine ship with a null default password on the administrative account sa. If the system administrator does not set the password, the system may be vulnerable to attack. Description Microsoft SQL Server MS SQL and Microsoft Data Engine MSDE ship...