Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Windows : Microsoft Bulletins --> Category: infos

MS SQL Installation may leave passwords on system Vulnerability Scan

Vulnerability Scan Summary
Reads %windir%\setup.iss

Detailed Explanation for this Vulnerability Test

Synopsis :

It may be possible to get SQL server administrator password.

Description :

The installation process of the remote MS SQL server left
files named 'setup.iss' on the remote host.

These files contain the password assigned to the 'sa' account
of the remote database.

A possible hacker may use this flaw to gain full administrative
access to your database.

Solution :

Microsoft has released a set of patches for SQL Server 7 and 2000 :

Threat Level:

Medium / CVSS Base Score : 6

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.