Microsoft SQL Server 6.5 uses weak encryption for the password for the SQLExecutiveCmdExec account and stores it in an accessible portion of the registry, which could allow local users to gain privileges by reading and decrypting the CmdExecAccount value.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2004-09-01T04:00:00

Updated: 2024-08-01T17:18:07.561Z

Reserved: 2001-08-31T00:00:00

Link: CVE-1999-1556

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 1998-06-29T04:00:00.000

Modified: 2024-11-20T23:31:23.930

Link: CVE-1999-1556

cve-icon Redhat

No data.