Published: 05/09/2002 Updated: 12/10/2018

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Microsoft SQL Server 7.0 and 2000 installs with weak permissions for extended stored procedures that are associated with helper functions, which could allow unprivileged users, and possibly remote attackers, to run stored procedures with administrator privileges via (1) xp_execresultset, (2) xp_printstatements, or (3) xp_displayparamstmt.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft sql server 2000
microsoft data engine 1.0
microsoft data engine 2000
microsoft sql server 7.0

source: wwwsecurityfocuscom/bid/5483/info Microsoft SQL Server 2000 uses an Agent which is responsible for restarting the SQL Server service, replication, and running scheduled jobs Some of the jobs that the Agent executes have weak permissions, which could allow a user with low permissions to perform actions on the database in the cont ...

NVD-CWE-Other http://www.ngssoftware.com/advisories/mssql-esppu.txt http://www.kb.cert.org/vuls/id/399531 http://www.kb.cert.org/vuls/id/818939 http://www.kb.cert.org/vuls/id/939675 http://archives.neohapsis.com/archives/ntbugtraq/2002-q3/0087.html http://marc.info/?l=ntbugtraq&m=102950792606475&w=2 http://marc.info/?l=bugtraq&m=102950473002959&w=2 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-043 https://nvd.nist.gov https://www.exploit-db.com/exploits/21718/https://www.kb.cert.org/vuls/id/399531

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2002-0721

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect