Microsoft SQL Server 7.0 and 2000 installs with weak permissions for extended stored procedures that are associated with helper functions, which could allow unprivileged users, and possibly remote attackers, to run stored procedures with administrator privileges via (1) xp_execresultset, (2) xp_printstatements, or (3) xp_displayparamstmt.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2002-08-20T04:00:00
Updated: 2024-08-08T02:56:38.802Z
Reserved: 2002-07-22T00:00:00
Link: CVE-2002-0721
Vulnrichment
No data.
NVD
Status : Modified
Published: 2002-09-05T04:00:00.000
Modified: 2024-11-20T23:39:43.107
Link: CVE-2002-0721
Redhat
No data.