Microsoft SQL Server Stored Procedure Low Privilege Weakness

Microsoft SQL Server 2000 uses various stored procedures to allow database administrators to perform simplified administration.

Two stored procedures within SQL Server allow the administrator to modify some SQL Server startup parameters and are also accessible by unprivileged users.

These stored procedures may not allow the server or its data to be compromised, however, they may be used in conjunction with other SQL Server vulnerabilities.


Privacy Statement
Copyright 2010, SecurityFocus