Microsoft SQL Server < 7 Local Privilege Escalation

This script is Copyright (C) 2003-2013 Tenable Network Security, Inc.


Synopsis :

The remote SQL Server is affected by a local privilege escalation
vulnerability.

Description :

Based on its version number, the remote host may be vulnerable to a
local exploit wherein an authenticated user can obtain and crack SQL
usernames and passwords from the registry.

An attacker may use this flaw to elevate their privileges on the local
database.

*** This alert might be a false positive, as Nessus did not actually
*** check for this flaw but relied solely on the presence of Microsoft
*** SQL 7 to issue this alert.

See also :

http://www.iss.net/threats/advise45.html

Solution :

Ensure that the configuration is set to always prompt for a login
name and password.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.1
(CVSS2#E:U/RL:U/RC:C)

Family: Databases

Nessus Plugin ID: 11870

Bugtraq ID: 1055

CVE ID: CVE-2000-0199