Microsoft SQL Server Web Task Stored Procedure特权提升漏洞

漏洞信息详情

Microsoft SQL Server Web Task Stored Procedure特权提升漏洞

• CNNVD编号：CNNVD-200210-306
• 危害等级： 超危
  
  
• CVE编号：
  CVE-2002-1145
  
• 漏洞类型：
  
  
  配置错误
  
• 发布时间：
  
  2002-10-28
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2006-09-01
  
• 厂        商：
  
  microsoft
• 漏洞来源：
  Martin Rakhmanoff …

Microsoft SQL服务器7.0和2000版本，Microsoft Data Engine (MSDE) 1.0版本，和Microsoft Desktop Engine (MSDE) 2000版本中进程中储存的xp_runwebtas可以被PUBLIC执行。攻击者可以通过无强烈许可的msdb.dbo.mswebtasks表格的更新数据库拥有者拥有的webtask提升特权。

Microsoft has released an updated cumulative patch for this and other security issues, which includes an installer.
Cisco has released an advisory. Information about obtaining and applying fixes is available in the referenced advisory.
Fixes available:
Microsoft SQL Server 2000

• Microsoft sql2ksp3
  
  http://www.microsoft.com/sql/downloads/2000/sp3.asp?SD=GN&LN=en-us&gss
  nb=1

Cisco E-Mail Manager

• Microsoft sql2ksp3
  
  http://www.microsoft.com/sql/downloads/2000/sp3.asp?SD=GN&LN=en-us&gss
  nb=1

Microsoft SQL Server 2000 SP1

• Microsoft sql2ksp3
  
  http://www.microsoft.com/sql/downloads/2000/sp3.asp?SD=GN&LN=en-us&gss
  nb=1

Microsoft SQL Server 2000 SP2

• Microsoft Q316333Patch released in MS02-061.
  
  http://support.microsoft.com/default.aspx?scid=kb;en-us;Q316333&sd=tec
  h
• Microsoft Q316333Updated cumulative patch.
  
  http://support.microsoft.com/default.aspx?scid=kb;en-us;Q316333&sd=tec
  h
• Microsoft sql2ksp3
  
  http://www.microsoft.com/sql/downloads/2000/sp3.asp?SD=GN&LN=en-us&gss
  nb=1

Cisco Call Manager 3.3

• Cisco SQL2K-MS02-061.exe
  
  http://www.cisco.com/tacpage/sw-center/telephony/crypto/voice-apps/

Cisco Intelligent Contact Manager 5.0

• Microsoft sql2ksp3
  
  http://www.microsoft.com/sql/downloads/2000/sp3.asp?SD=GN&LN=en-us&gss
  nb=1

Microsoft SQL Server 7.0 SP4

• Microsoft Q327068Patch released in MS02-061.
  
  http://support.microsoft.com/default.aspx?scid=kb;en-us;Q327068&sd=tec
  h

来源: MS
名称: MS02-061
链接:http://www.microsoft.com/technet/security/bulletin/ms02-061.asp

来源: BID
名称: 5980
链接:http://www.securityfocus.com/bid/5980

来源: www.nextgenss.com
链接:http://www.nextgenss.com/advisories/mssql-webtasks.txt

来源: XF
名称: mssql-webtask-gain-privileges(10388)
链接:http://www.iss.net/security_center/static/10388.php

来源: CISCO
名称: 20030203 Microsoft SQL Server 2000 Vulnerabilities in Cisco Products – MS02-061
链接:http://www.cisco.com/warp/public/707/cisco-sa-20030126-ms02-061.shtml

来源: NTBUGTRAQ
名称: 20021017 Microsoft SQL Server Webtasks privilege upgrade (#NISR17102002)
链接:http://marc.theaimsgroup.com/?l=ntbugtraq&m=103486356413404&w=2

来源: BUGTRAQ
名称: 20021017 Microsoft SQL Server Webtasks privilege upgrade (#NISR17102002)
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=103487044122900&w=2