This script is Copyright (C) 2003-2013 Tenable Network Security, Inc.
The remote SQL Server is affected by a local privilege escalation
Based on its version number, the remote host may be vulnerable to a
local exploit wherein an authenticated user can obtain and crack SQL
usernames and passwords from the registry.
An attacker may use this flaw to elevate their privileges on the local
*** This alert might be a false positive, as Nessus did not actually
*** check for this flaw but relied solely on the presence of Microsoft
*** SQL 7 to issue this alert.
See also :
Ensure that the configuration has enabled Always prompting for login
name and password.
Risk factor :
High / CVSS Base Score : 7.2
CVSS Temporal Score : 6.1
Nessus Plugin ID: 11870 ()
Bugtraq ID: 1055
CVE ID: CVE-2000-0199
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.