SQL Query Method Enables Cached Administrator Connection to be Reused New
A security flaw exists in Microsoft SQL Server which may allow a user to execute a query with 'sa' users rights due to an exisiting cached connection.
Issue
When a client connection to a SQL Server is terminated, it remains cached for a short period of time for performance reasons. One SQL query method contains a flaw that has the effect of making it possible for one user’s query to reuse a cached connection that belonged to the sa account.
Exploiting this vulnerability would enable an attacker to execute the query using the administrator’s security context. This would give her the ability to take any desired action on the database; moreover, it would give her the ability to run extended stored procedures, thereby giving her the opportunity to run code of her choice and assume de facto control of the server itself.
Affected Products
- Microsoft SQL Server 7.0 & 2000
Solution
A software patch may be downloaded from the following locations:
Further Details
Source: Microsoft Corporation
Reference: Microsoft Corporation
Updated: June 12, 2001
>> Recommended Download - secure your PC from spyware, adware and malware now with Spyware Doctor <<
 |
 |
|
More Guides » | Registry Guide | Support Forums | Software Guide | Scripting Guide | Search |  | |
