Sentrigo Uncovers Significant Password Exposure Vulnerability in Microsoft SQL Server

September 2, 2009

[From Sentrigo, Inc.]

SAN MATEO, Calif - Sentrigo, Inc. today announced that it has discovered a significant vulnerability in Microsoft SQL Server, that allows any user with administrative privileges to openly see the unencrypted passwords of other users, or the credentials presented by applications accessing the server using SQL Server authentication. In order to ensure all SQL Server users are able to quickly protect their systems, Sentrigo has released a free utility to erase these passwords, which can be downloaded starting today from the company’s website.

The article continues at http://www.sentrigo.com/news/2009/09/02/sentrigo-uncovers-significant-password-exposure-vulnerability-in-microsoft-sql-serve