Microsoft SQL Server Permissions Vulnerability in Aid of Remote Attacks
CVE-2002-0721

Currently unrated

Key Information:

Vendor

Microsoft
Status
Sql Server
Data Engine
Vendor
CVE Published:
5 September 2002

What is CVE-2002-0721?

Microsoft SQL Server 7.0 and 2000 are susceptible to a permissions misconfiguration that allows unprivileged users to invoke extended stored procedures. The vulnerability arises from weak permissions set for procedures linked with helper functions, specifically through xp_execresultset, xp_printstatements, and xp_displayparamstmt. This setup can enable unauthorized execution of these stored procedures with administrative privileges, potentially compromising the security of the database system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.kb.cert.org/vuls/id/939675
third-party-advisoryx_refsource_CERT-VN
http://www.kb.cert.org/vuls/id/818939
third-party-advisoryx_refsource_CERT-VN
http://marc.info/?l=ntbugtraq&m=102950792606475&w=2
mailing-listx_refsource_NTBUGTRAQ

EPSS Score

54% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.