MS00-035: MS SQL7.0 Service Pack may leave passwords on system (263968)

The installation process of the remote MS SQL server left a file named 'sqlsp.log' on the remote host. This file contains the password assigned to the 'sa' account of the remote database. An attacker may use this flaw to gain administrative access to the database server. C Tenable Network Securit...

MS02-035: MS SQL Installation may leave passwords on system (263968)

The installation process for the remote MS SQL Server left files named 'setup.iss' on the remote host. These files contain the password assigned to the 'sa' account of the remote database. An attacker who manages to view these files may be able to leverage this issue to gain full administrative...

Microsoft Windows SQL Server allows arbitrary queries to be executed via "xp_execresultset" extended procedure

Overview MS SQL Server contains an extended stored procedure with inappropriate permission settings. Description Microsoft SQL Server 7.0 and Microsoft SQL Server 2000 contain an extended stored procedure, xpexecresultset , that permits an unprivileged user of a database to gain administrative...

CVE-2002-0645

Technical details for CVE-2002-0645 are not publicly provided in the connected documents; the available sources reference the vulnerability at a high level. Monitor for updates from official advisories.

CVE-2002-0154

Microsoft SQL Server 7.0 and SQL Server 2000 contain buffer overflow vulnerabilities in multiple extended stored procedures. A remote attacker could exploit these to cause a denial of service or execute arbitrary code (potentially with the SQL Server service account privileges), and could even af...

MS SQL 7.0 DTS saved packages contain plain text passwords

When creating a Data Transformation Service DTS Package be carefull. The saved file does not encrypt the passwords that the package will use when executed. If a client could convice an admin to create an example DTS package for troubleshooting then the client would have the admin's SQL password. ...

Проблема кэшированных подключений в MS SQL (cached connections)

При исопльзовании mixed mode административное подключение к SQL-Серверу остается кэшированным в течение некоторого времени в случае непредвиденного отключения администратора. В этом случае оно может быть перехвачено...

MS-SQL 'sa' user exploit code

Hi BugTraq-ers, It has come to light that it is now common knowledge that MS-SQL has a blank 'sa' password by default. This seems to affect a lot of servers on the internet. Since this knowledge has been made public by others, I'll release my program 'linsql' linux only -- ports anyone? which can...

И еще одна проблема с паролями в MS SQL 7

При использовании Data Transformation Services пароль пользователя показывается в качестве поля типа password в одной из диалоговых форм, что позволяет его оттуда извлечь...