Local Privilege Escalation in Microsoft SQL Server by Exploiting Named Pipes
CVE-2003-0496

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows 2000 Terminal Services; Windows 2000
Vendor: CVE Published:; 18 August 2003

Summary

Local users on Microsoft SQL Server prior to Windows 2000 SP4 can exploit a flaw in the xp_fileexist extended stored procedure. By providing a named pipe argument instead of a regular file, attackers can gain unauthorized privileges, posing significant security risks. This vulnerability allows for unauthorized access and potentially malicious actions within the database system, underlining the importance of implementing timely updates and security measures.

References

http://marc.info/?l=bugtraq&m=105820282607865&w=2

mailing-listx_refsource_BUGTRAQ

http://www.atstake.com/research/advisories/2003/a070803-1...

vendor-advisoryx_refsource_ATSTAKE

http://marc.info/?l=bugtraq&m=105830986720243&w=2

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Aug 18, 2003
Vulnerability Reserved
Jun 30, 2003