|
Family: Windows : Microsoft Bulletins --> Category: infos
MS SQL7.0 Service Pack may leave passwords on system Vulnerability Scan
Vulnerability Scan Summary Reads %temp%\sqlsp.log
Detailed Explanation for this Vulnerability Test
The installation process of the remote MS SQL server left
files named 'sqlsp.log' on the remote host.
These files contain the password assigned to the 'sa' account
of the remote database.
A possible hacker may use this flaw to gain full administrative
access to your database.
See
http://www.microsoft.com/technet/security/bulletin/ms00-035.mspx
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|