Rapid7 Vulnerability & Exploit Database

Microsoft SQL Server 7.0 System Administrator Password Disclosure Vulnerability

Back to Search

Microsoft SQL Server 7.0 System Administrator Password Disclosure Vulnerability

Severity
2
CVSS
(AV:L/AC:L/Au:N/C:P/I:N/A:N)
Published
05/30/2000
Created
07/25/2018
Added
11/01/2004
Modified
12/04/2013

Description

During the installation routine of SQL Server 7.0 Service Pack 1 and 2, two files are created in the %TEMP% directory named 'sqlsp.log' and 'setup.iss' which store the System Administrator (sa) password in plaintext. Any user who is logged on locally to the machine running SQL Server 7.0 can access this file.

The System Administrator (sa) password is recorded in plaintext in 'sqlsp.log' and 'setup.iss' only under the conditions that SQL Server 7.0 Service Pack 1 or 2 has been installed and both Mixed Mode user authentication and SQL Server Authentication is being implemented.

Solution(s)

  • install-microsoft-patch-87dfe8ebaf65e9b87d822a34c011c307

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;