SQL Server Named Pipe Privilege Escalation Vulnerability

Friday Jul 11th 2003 by DatabaseJournal.com Staff
Share:

A vulnerability has been identified in SQL Server, which can be exploited by malicious, local users to escalate their privileges on a vulnerable system.

[From Secunia]

A vulnerability has been identified in SQL Server, which can be exploited by malicious, local users to escalate their privileges on a vulnerable system.

The vulnerability is caused due to a general error in the "CreateFile" API and an attack vector exists in SQL Server making it possible to gain the privileges of the SQL Server. This can be exploited by specifying the UNC name of a named pipe instead of a file as an argument to the "xp_fileexist" extended stored procedure.

The article continues at http://www.secunia.com/advisories/9229/

Share:
Home
Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved