Microsoft SQL Server 7.0 Stored Procedure Vulnerability

Under certain circumstances, it is possible for a user to run Microsoft SQL Server 7.0 database stored procedure code even if they do not possess the rights to do so. This would include a full range of tasks such as modifying, viewing, or deleting entries in the database. This can be accomplished by executing a stored procedure owned by the System Administrator (sa) account that is referenced from a temporary stored procedure. SQL Server does not properly check the execute permissions on stored procedures referenced by temporary stored procedures.

Users must be authenticated on the SQL server and have access to the referring database in order to perform this exploit.


 

Privacy Statement
Copyright 2010, SecurityFocus