Vulnerabilities > CVE-2001-0344 - Unspecified vulnerability in Microsoft SQL Server 2000/7.0
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
An SQL query method in Microsoft SQL Server 2000 Gold and 7.0 using Mixed Mode allows local database users to gain privileges by reusing a cached connection of the sa administrator account.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Oval
accepted | 2005-04-27T12:07:00.000-04:00 | ||||||||||||
class | vulnerability | ||||||||||||
contributors |
| ||||||||||||
description | An SQL query method in Microsoft SQL Server 2000 Gold and 7.0 using Mixed Mode allows local database users to gain privileges by reusing a cached connection of the sa administrator account. | ||||||||||||
family | windows | ||||||||||||
id | oval:org.mitre.oval:def:71 | ||||||||||||
status | accepted | ||||||||||||
submitted | 2003-06-24T12:00:00.000-04:00 | ||||||||||||
title | Privilege Escalation Using Cached Admin Connection | ||||||||||||
version | 3 |