Vulnerabilities > CVE-1999-1556 - Unspecified vulnerability in Microsoft SQL Server 6.5

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

microsoft

NVD

Published: 1998-06-29

Updated: 2024-11-20

Summary

Microsoft SQL Server 6.5 uses weak encryption for the password for the SQLExecutiveCmdExec account and stores it in an accessible portion of the registry, which could allow local users to gain privileges by reading and decrypting the CmdExecAccount value.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft SQL Server 6.5	1

References

http://marc.info/?l=ntbugtraq&m=90222453431645&w=2
http://marc.info/?l=ntbugtraq&m=90222453431645&w=2
http://www.securityfocus.com/bid/109
http://www.securityfocus.com/bid/109
https://exchange.xforce.ibmcloud.com/vulnerabilities/7354
https://exchange.xforce.ibmcloud.com/vulnerabilities/7354