Overview
Microsoft SQL Server ships with several administrative tools that allow database users to elevate their administrative privileges from a single database to all databases on the server.
Description
Microsoft SQL Server ships with several utilities known as Database Consistency Checkers (DBCCs). According to Microsoft Security Bulletin MS02-038, "DBCCs are command console utilities that allow maintenance and other operations to be performed on a SQL server." An unspecified subset of the DBCC utilities contain buffer overflows that allow users who have db_owner or db_ddladmin privileges on a single database to elevate their administrative privileges to the entire SQL server.
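Because the overflow is only reachable by principals who already hold db_owner or db_ddladmin in some database, the first thing a DBA wants is an inventory of who holds those roles server-wide. The following T-SQL audit is an added example, not part of this advisory or of Microsoft's bulletin; it assumes a SQL Server that exposes the sys.databases and sys.database_role_members catalog views (2005 or later) and a login permitted to query every online database.

```sql
-- Added example (not from the advisory): enumerate every member of db_owner
-- and db_ddladmin in every online database, i.e. the population that could
-- reach the vulnerable DBCC code paths until the MS02-038 fix is applied.
SET NOCOUNT ON;

IF OBJECT_ID('tempdb..#RoleAudit') IS NOT NULL DROP TABLE #RoleAudit;
CREATE TABLE #RoleAudit (
    database_name sysname,
    role_name     sysname,
    member_name   sysname,
    member_type   nvarchar(60)
);

DECLARE @db  sysname;
DECLARE @sql nvarchar(max);

DECLARE db_cursor CURSOR LOCAL FAST_FORWARD FOR
    SELECT name FROM sys.databases
    WHERE state_desc = 'ONLINE';          -- skip offline/restoring databases

OPEN db_cursor;
FETCH NEXT FROM db_cursor INTO @db;
WHILE @@FETCH_STATUS = 0
BEGIN
    -- QUOTENAME guards the dynamic batch against unusual database names.
    SET @sql = N'USE ' + QUOTENAME(@db) + N';
        INSERT INTO #RoleAudit (database_name, role_name, member_name, member_type)
        SELECT DB_NAME(), r.name, m.name, m.type_desc
        FROM sys.database_role_members rm
        JOIN sys.database_principals r ON r.principal_id = rm.role_principal_id
        JOIN sys.database_principals m ON m.principal_id = rm.member_principal_id
        WHERE r.name IN (N''db_owner'', N''db_ddladmin'');';
    EXEC sp_executesql @sql;
    FETCH NEXT FROM db_cursor INTO @db;
END
CLOSE db_cursor;
DEALLOCATE db_cursor;

-- "dbo" appears in every database; SUSER_SNAME(owner_sid) from sys.databases
-- tells you which login that maps to. Every other row is an explicit grant
-- that should be justified or revoked while the server is unpatched.
SELECT database_name, role_name, member_name, member_type
FROM #RoleAudit
ORDER BY database_name, role_name, member_name;
```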
Impact
This vulnerability allows remote attackers to execute arbitrary code with the privileges of the SQL service account. If the privileges of the service account are elevated via VU#796313, this vulnerability may result in compromise of the server host.
Solution
Apply a patch
Microsoft has published Security Bulletin MS02-038 to address this vulnerability. For more information, please see
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | | |
| Temporal | | |
| Environmental | | |
References
Acknowledgements
This vulnerability was reported to Microsoft by Cesar Cerrudo.
This document was written by Jeffrey P. Lanza and is based upon information provided by Microsoft.
Other Information
| CVE IDs: | CVE-2001-0644 |
| Severity Metric: | 8.86 |
| Date Public: | 2002-07-24 |
| Date First Published: | 2002-07-25 |
| Date Last Updated: | 2003-02-06 21:04 UTC |
| Document Revision: | 15 |