New SQL Server Cumulative Security Patch AvailableAugust 16, 2002
The new vulnerability exits due to a common flaw in some of the Microsoft-provided extended stored procedures that have the ability to reconnect to the database as the SQL Server service account. These procedures have weak permissions that can allow non-privileged users to execute them. Because these extended stored procedures can be made to run with administrator privileges on the database, it is thus possible for a non-privileged user to run stored procedures on the database with administrator privileges.
The vulnerability could make it possible for an attacker to load and execute a database query that calls one of the affected extended store procedures. Alternately, if a Web site or other database front-end were configured to access and process arbitrary queries, it could be possible for the attacker to provide inputs that would cause the query to call one of the functions in question with the appropriate malformed parameters.
Several mitigating factors for the vulnerability are addressed in the Security Bulletin.
The patch addresses the latest vulnerability by setting permissions on the extended stored procedures in questions such that only administrators can invoke them. The patch can be installed on systems running SQL Server 7.0 Service Pack 4 or SQL Server 2000 Service Pack 2, and the functionality included in the patch will be part of SQL Server 2000 Service Pack 3 when it's released.
Additional information on the SQL Server Security Patch (and download links) can be found at:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS02-043.asp
|
|
|
The Network for Technology Professionals
Legal Notices, Licensing, Permissions, Privacy Policy.
Advertise | Newsletters | E-mail Offers
