Signature Detail
Short Name |
DB:MS-SQL:STOR-PROC-PRIV-UPGRD |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
DB |
Keywords |
MS-SQL Stored Procedure Privilege Upgrade |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
DB: MS-SQL Stored Procedure Privilege Upgrade
This signature detects attempts to exploit the Stored Procedure Privilege vulnerability in Microsoft SQL Server 2000 and 7.0. Attackers can construct a malicious query that calls one of three stored procedures in order to gain elevated privileges on the SQL Server.
Extended Description
Microsoft SQL Server 2000 uses various extended stored procedures to allow database designers to create their own external routines. Some of these extended stored procedures have weak permissions, which could allow a user with low permissions to perform actions on the database in the context of the SQL Server Service Account.
Affected Products
- Microsoft Data Engine 2000
- Microsoft Data Engine (MSDE) 1.0
- Microsoft SQL Server 7.0
- Microsoft SQL Server 7.0 SP1
- Microsoft SQL Server 7.0 SP2
- Microsoft SQL Server 7.0 SP3
- Microsoft SQL Server 7.0 SP4
- Microsoft SQL Server 2000 SP1
- Microsoft SQL Server 2000 SP2
- Microsoft SQL Server 2000
References
- BugTraq: 5481
- CVE: CVE-2002-0721
- URL: http://www.nextgenss.com/advisories/mssql-esppu.txt
- URL: http://www.kb.cert.org/vuls/id/939675