Microsoft SQL Server 7.0 and 2000 installs with weak permissions for extended stored procedures that are associated with helper functions, which could allow unprivileged users, and possibly remote attackers, to run stored procedures with administrator privileges via (1) xp_execresultset, (2) xp_printstatements, or (3) xp_displayparamstmt.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2002-08-20T04:00:00

Updated: 2024-08-08T02:56:38.802Z

Reserved: 2002-07-22T00:00:00

Link: CVE-2002-0721

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2002-09-05T04:00:00.000

Modified: 2024-11-20T23:39:43.107

Link: CVE-2002-0721

cve-icon Redhat

No data.