CVE-2002-1981

Microsoft SQL Server 2000 through SQL Server 2000 SP2 allows the "public" role to execute the 1 spMSSetServerProperties or 2 spMSsetalertinfo stored procedures, which allows attackers to modify configuration including SQL server startup and alert settings...

PT-2002-2594 · Microsoft · Sql Server

Name of the Vulnerable Software and Affected Versions: Microsoft SQL Server versions 6.0 through 2000 Description: The issue allows remote attackers to sniff and decrypt passwords due to the use of weak password encryption XOR when SQL Authentication is enabled. Recommendations: For Microsoft SQL...

CVE-2002-1145

The xprunwebtask stored procedure in the Web Tasks component of Microsoft SQL Server 7.0 and 2000, Microsoft Data Engine MSDE 1.0, and Microsoft Desktop Engine MSDE 2000 can be executed by PUBLIC, which allows an attacker to gain privileges by updating a webtask that is owned by the database owne...

CVE-2002-1145

The xprunwebtask stored procedure in the Web Tasks component of Microsoft SQL Server 7.0 and 2000, Microsoft Data Engine MSDE 1.0, and Microsoft Desktop Engine MSDE 2000 can be executed by PUBLIC, which allows an attacker to gain privileges by updating a webtask that is owned by the database owne...

Microsoft SQL Server Webtasks privilege upgrade (#NISR17102002)

NGSSoftware Insight Security Research Advisory Name: Microsoft SQL Server Webtasks privilege elevation Systems: Microsoft SQL Server 2000 and 7 Severity: High Risk Vendor URL: http://www.microsoft.com/ Author: David Litchfield [email protected] Advisory URL:...

Multiple bugs in Microsoft SQL Server (multiple bugs)

Buffer overflows in OpenDataSource, OPENROWSET, pwdencrypt and xpdirtree. Weak registry permissions, weak password enbcryption...

CVE-2002-1138

Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine MSDE 1.0 and Microsoft Desktop Engine MSDE 2000, writes output files for scheduled jobs under its own privileges instead of the entity that launched it, which allows attackers to overwrite system files, aka "Flaw in Output File...

CVE-2002-1137

Buffer overflow in the Database Console Command DBCC that handles user inputs in Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine MSDE 1.0 and Microsoft Desktop Engine MSDE 2000, allows attackers to execute arbitrary code via a long SourceDB argument in a "non-SQL OLEDB data...

CVE-2002-1123

Buffer overflow in the authentication function for Microsoft SQL Server 2000 and Microsoft Desktop Engine MSDE 2000 allows remote attackers to execute arbitrary code via a long request to TCP port 1433, aka the "Hello" overflow...

CVE-2002-0982

Microsoft SQL Server 2000 SP2, when configured as a distributor, allows attackers to execute arbitrary code via the @scriptfile parameter to the spMScopyscript stored procedure...

CVE-2002-0721

Microsoft SQL Server 7.0 and 2000 installs with weak permissions for extended stored procedures that are associated with helper functions, which could allow unprivileged users, and possibly remote attackers, to run stored procedures with administrator privileges via 1 xpexecresultset, 2...

CVE-2002-0859

Buffer overflow in the OpenDataSource function of the Jet engine on Microsoft SQL Server 2000 allows remote attackers to execute arbitrary code...

Microsoft SQL Server Stored procedures [sp_MSSetServerPropertiesn and sp_MSsetalertinfo] (#NISR03092002A)

NGSSoftware Insight Security Research Advisory Name: spMSSetServerPropertiesn and spMSsetalertinfo Systems: Microsoft SQL Server 2000 Severity: Low Risk Category: Configuration Vendor URL: http://www.microsoft.com/ Author: David Litchfield [email protected] Advisory URL:...

CVE-2002-0982

Microsoft SQL Server 2000 SP2, when configured as a distributor, allows attackers to execute arbitrary code via the @scriptfile parameter to the spMScopyscript stored procedure...

Arbitrary Command Execution on Distributor SQL Server 2000 machines (#NISR22002002A)

NGSSoftware Insight Security Research Advisory Name: Arbitrary Command Execution on SQL Server 2000 Systems: Microsoft SQL Server 2000 SP 2 Severity: High Risk for Distributor servers Category: Arbitrary Command Execution Vendor URL: http://www.microsoft.com/ Author: David Litchfield...

CVE-2002-0721

Microsoft SQL Server 7.0 and 2000 installs with weak permissions for extended stored procedures that are associated with helper functions, which could allow unprivileged users, and possibly remote attackers, to run stored procedures with administrator privileges via 1 xpexecresultset, 2...

CVE-2002-0721

The CVE-2002-0721 issue affects Microsoft SQL Server 7.0 and 2000 where extended stored procedures with weak permissions (xp_execresultset, xp_printstatements, xp_displayparamstmt) can allow an unprivileged user to execute procedures with administrator privileges. CERT advisories describe the ris...

Microsoft SQL Server Extended Stored Procdure privilege upgrade vulnerabilities (#NISR15002002A)

NGSSoftware Insight Security Research Advisory Name: Extended Stored Procedure Privilege Upgrade Systems: Microsoft SQL Server 2000 and 7 Severity: High Risk Category: Privilege Escalation Vendor URL: http://www.microsoft.com/ Author: David Litchfield [email protected] Advisory URL:...

Microsoft Windows SQL Server allows arbitrary queries to be executed via "xp_displayparamstmt" extended procedure

Overview MS SQL Server contains an extended stored procedure with inappropriate permission settings. Description Microsoft SQL Server 7.0 and Microsoft SQL Server 2000 contain an extended stored procedure, xpdisplayparamstmt , that permits an unprivileged user of a database to gain administrative...

Microsoft SQL 20007.0 - Agent Jobs Privilege Escalation

Microsoft SQL 20007.0 - Agent Jobs Privilege Escalation source: https://www.securityfocus.com/bid/5483/info Microsoft SQL Server 2000 uses an Agent which is responsible for restarting the SQL Server service, replication, and running scheduled jobs. Some of the jobs that the Agent executes have we...