| CVE-ID | ||
|---|---|---|
CVE-2002-0721 |
• CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
|
|
| Description | ||
| Microsoft SQL Server 7.0 and 2000 installs with weak permissions for extended stored procedures that are associated with helper functions, which could allow unprivileged users, and possibly remote attackers, to run stored procedures with administrator privileges via (1) xp_execresultset, (2) xp_printstatements, or (3) xp_displayparamstmt. | ||
| References | ||
| Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete. | ||
|
||
| Assigning CNA | ||
| MITRE Corporation | ||
| Date Record Created | ||
| 20020722 | Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE. | |
| Phase (Legacy) | ||
| Modified (20071101) | ||
| Votes (Legacy) | ||
| ACCEPT(4) Armstrong, Baker, Cole, Wall MODIFY(2) Foat, Frech NOOP(2) Christey, Cox |
||
| Comments (Legacy) | ||
Foat> The description should list MSDE 1.0 and MSDE 2000 as acknowledged by Microsoft. Christey> CERT-VN:VU#818939 URL:http://www.kb.cert.org/vuls/id/818939 CERT-VN:VU#939675 URL:http://www.kb.cert.org/vuls/id/939675 CERT-VN:VU#399531 URL:http://www.kb.cert.org/vuls/id/399531 BID:5481 URL:http://www.securityfocus.com/bid/5481 XF:mssql-xp-weak-permissions(9857) URL:http://www.iss.net/security_center/static/9857.php Frech> XF:mssql-xp-weak-permissions(9857) |
||
| Proposed (Legacy) | ||
| 20020830 | ||
| This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities. | ||
|
You can also search by reference using the CVE Reference Maps.
|
||
| For More Information: CVE Request Web Form (select "Other" from dropdown) | ||
