CVE-1999-1556

Sažetak

Microsoft SQL Server 6.5 uses weak encryption for the password for the SQLExecutiveCmdExec account and stores it in an accessible portion of the registry, which could allow local users to gain privileges by reading and decrypting the CmdExecAccount value.

Reference

http://marc.info/?l=ntbugtraq&m=90222453431645&w=2
http://www.securityfocus.com/bid/109
https://exchange.xforce.ibmcloud.com/vulnerabilities/7354

CVSS

Base:	7.2
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

10-10-2017 - 01:29

Objavljeno

29-06-1998 - 04:00