PT-2000-1344 · Microsoft · Sql Server

Publicado

2000-05-30

Atualizado

2018-10-12

CVE-2000-0402

CVSS v2.0

2.1

Baixa

Vetor

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Microsoft SQL Server version 7.0

Description The Mixed Mode authentication capability in Microsoft SQL Server stores the System Administrator (sa) account in plaintext in a log file. This log file is readable by any user.

Recommendations For Microsoft SQL Server version 7.0, consider restricting access to the log file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2000-0402

Produtos afetados

Sql Server

PT-2000-1344 · Microsoft · Sql Server

CVE-2000-0402

Identificadores relacionados

Produtos afetados

Referências · 8