MS00-035: MS SQL7.0 Service Pack may leave passwords on system (263968)

medium Nessus Plugin ID 11330

Synopsis

The remote SQL server is vulnerable to an information disclosure attack.

Description

The installation process of the remote MS SQL server left a file named 'sqlsp.log' on the remote host. This file contains the password assigned to the 'sa' account of the remote database.

An attacker may use this flaw to gain administrative access to the database server.

Solution

Apply the appropriate patches from MS00-035 or upgrade MS SQL.

See Also

https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2000/ms00-035

Plugin Details

Severity: Medium

ID: 11330

File Name: smb_nt_ms00-035.nasl

Version: 1.41

Type: local

Agent: windows

Published: 3/9/2003

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 2.9

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Temporal Score: 4.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:microsoft:sql_server

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/30/2000

Vulnerability Publication Date: 5/30/2000

Exploitable With

Metasploit (Microsoft SQL Server Payload Execution via SQL Injection)

Reference Information

CVE: CVE-2000-0402

BID: 1281

MSFT: MS00-035

MSKB: 263968