CVE-2003-0496: CVE-2003-0496

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2003-0496

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Microsoft SQL Server before Windows 2000 SP4 allows local users to gain privileges as the SQL Server user by calling the xp_fileexist extended stored procedure with a named pipe as an argument instead of a normal file.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Windows有名管道文件名本地权限提升漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Microsoft Windows是微软开发的视窗操作系统。通过指定文件代替有名管道名作为SQL Server xp_fileexist存储扩展的参数，可导致以用户帐户SQL权限或者其他服务进程权限运行此文件，可能导致权限提升。漏洞是由于CreateFile系统调用的操作和可劫持冒充Windows有名管道。API调用CreateFile用来打开或建立文件，有名管道，Mail slot等，不过没有任何机制来限制这个API调用打开何种资源。WIN32中多数服务运行在系统帐户下并以一定方式处理文件，如果可以

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2003-0496

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2003-0496

Please Login to view more intelligence information

http://www.atstake.com/research/advisories/2003/a070803-1.txtvendor-advisoryx_refsource_ATSTAKE
http://marc.info/?l=bugtraq&m=105820282607865&w=2mailing-listx_refsource_BUGTRAQ
http://marc.info/?l=bugtraq&m=105830986720243&w=2mailing-listx_refsource_BUGTRAQ
http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0013.htmlmailing-listx_refsource_VULNWATCH
https://nvd.nist.gov/vuln/detail/CVE-2003-0496

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2003-0496

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2003-0496

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2003-0496

III. Intelligence Information for CVE-2003-0496

IV. Related Vulnerabilities

V. Comments for CVE-2003-0496

Leave a comment