Microsoft SQL Server 6.5 uses weak encryption for the password for the SQLExecutiveCmdExec account and stores it in an accessible portion of the registry, which could allow local users to gain privileges by reading and decrypting the CmdExecAccount value.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2004-09-01T04:00:00
Updated: 2024-08-01T17:18:07.561Z
Reserved: 2001-08-31T00:00:00
Link: CVE-1999-1556
Vulnrichment
No data.
NVD
Status : Modified
Published: 1998-06-29T04:00:00.000
Modified: 2024-11-20T23:31:23.930
Link: CVE-1999-1556
Redhat
No data.