VULHUB ™

A vulnerability has been reported for SQL Server 2000 that may allow an attacker to execute SQL Server with elevated privileges. This is a result of incorrect permissions placed upon the SQL Server Service Account Registry Key. An attacker who is able to load and execute queries on SQL Server may be able to cause SQL Server to change permissions for its associated registry key. By default, the permissions of the registry key used to specify the account used by the SQL server process are insecure. Through SQL queries, the key may be modified without administrative privileges. If the server has been configured to run with non-administrative privileges, an attacker may exploit this vulnerability to configure the server so that it runs with higher privileges when it is next started. ** This vulnerability was first issued as BugTraq ID 5204, Multiple Microsoft SQLServer 2000 Vulnerabilities and is now assigned a separate BugTraq ID.

A vulnerability has been reported for SQL Server 2000 that may allow an attacker to execute SQL Server with elevated privileges. This is a result of incorrect permissions placed upon the SQL Server Service Account Registry Key. An attacker who is able to load and execute queries on SQL Server may be able to cause SQL Server to change permissions for its associated registry key. By default, the permissions of the registry key used to specify the account used by the SQL server process are insecure. Through SQL queries, the key may be modified without administrative privileges. If the server has been configured to run with non-administrative privileges, an attacker may exploit this vulnerability to configure the server so that it runs with higher privileges when it is next started. ** This vulnerability was first issued as BugTraq ID 5204, Multiple Microsoft SQLServer 2000 Vulnerabilities and is now assigned a separate BugTraq ID.