Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Microsoft SQL Server 2000 through SQL Server 2000 SP2 allows the "public" role to execute the (1) sp_MSSetServerProperties or (2) sp_MSsetalertinfo stored procedures, which allows attackers to modify configuration including SQL server startup and alert settings.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft SQL Server部分存储过程访问设计不充分漏洞
Vulnerability Description
Microsoft SQL Server 2000是一款Microsoft公司开发和维护的商业性质大型数据库系统。使用了各种存储过程允许数据库管理员执行简单的管理。 Microsoft SQL Server中的两个存储过程可以由低权限用户访问,远程攻击者可以利用这个漏洞修改数据库系统数据。 sp_MSSetServerProperties是内部使用的存储过程,sp_MSSetServerProperties调用xp_instance_regwrite过程来改变SQL服务器是否自动启动或者手工启动,不过这个
CVSS Information
N/A
Vulnerability Type
N/A