Re: Microsoft SQL Server Agent Jobs Vulnerabilities (#NISR15002002B)

From: David Litchfield (davidat_private)
Date: Mon Aug 26 2002 - 12:10:06 PDT

    > In-Reply-To: <015601c244d2$fa6f8a30$2500a8c0@HEPHAESTUS>
    >
    > IMHO - This is more a human error driven feature than a high risk
    > vulnerability.
    >
    > Whilst what David says is true - the assumption has been made that a login
    > has access to the "msdb" database by default - this assumption is
    > incorrect.
    >
    > The only way this vulnerability can be exploited is if a DBA (mad of
    > course ;-)) has given access for a login account to the "msdb" database.
    >
    
    
    No. This is incorrect. By default the 'guest' user is enabled on the msdb
    database. A login that has not been given specific access to the msdb
    database can access it as 'guest'; and as 'guest' is a member of the public
    role anyone can submit jobs.
    
    > Brent Glover
    > Database specialist
    
    
    David Litchfield
    


