Microsoft MSDE/SQL Server 2000 Desktop Engine Default Configuration Vulnerability

Bugtraq ID:	4797
Class:	Configuration Error
CVE:	CAN-2000-1209
Remote:	Yes
Local:	No
Published:	May 22 2002 12:00AM
Updated:	May 22 2002 12:00AM
Credit:	Credited to Adrian Romo of Quilogy.
Vulnerable:	Microsoft SQL Server 2000 Desktop Engine + Akiva WebBoard 6.1 + Microsoft Access 2000 + Microsoft Application Center 2000 + Microsoft BizTalk Server 2000 Developer Edition + Microsoft BizTalk Server 2000 Enterprise Edition + Microsoft BizTalk Server 2000 Standard Edition + Microsoft BizTalk Server 2002 Developer Edition + Microsoft BizTalk Server 2002 Enterprise Edition + Microsoft Office 2000 + Microsoft Project Central Server + Microsoft SharePoint Team Services from Microsoft + Microsoft Visio 2000 Enterprise Edition + Microsoft Visio Enterprise Network Tools + Microsoft Visual FoxPro 6.0 + Microsoft Visual Studio 6.0 + Microsoft Visual Studio .NET Academic Edition 0 + Microsoft Visual Studio .NET Enterprise Architect Edition + Microsoft Visual Studio .NET Enterprise Developer Edition + Microsoft Visual Studio .NET Professional Edition + SmartMax Software MailMax 5.0 + Veritas Software Backup Exec for Windows Servers 9.0 Microsoft MSDE 1.0 + Microsoft Visio 2000 Enterprise Edition SR1 + Microsoft Visio 2000 Enterprise Edition SR1 + Microsoft Visio 2000 Enterprise Edition + Microsoft Visio 2000 Enterprise Edition + Microsoft Visual Studio 6.0 + Microsoft Visual Studio 6.0 + Optima Opty-Way Enterprise 1.0 + Optima Opty-Way Enterprise 1.0 + Websense Reporter 6.3.1 + Websense Reporter 6.3.1 Compaq Open SAN Manager 1.0 c Compaq Insight Manager XE 2.2 Compaq Insight Manager XE 2.1 c Compaq Insight Manager XE 2.1 b Compaq Insight Manager XE 2.1 Compaq Insight Manager XE 1.21 Compaq Insight Manager XE 1.1 Compaq Insight Manager 7.0 SP1 Compaq Insight Manager 7.0 Avaya CentreVu Explorer II Avaya CentreVu / Nice Call Recording System 8.5

Not Vulnerable: