Microsoft Commerce Server Discloses SQL Server Password to Local Users

SecurityTracker Alert ID: 1007098

SecurityTracker URL: http://securitytracker.com/id/1007098

CVE Reference: GENERIC-MAP-NOMATCH

Date: Jul 3 2003

Impact:
Disclosure of authentication information

Vendor Confirmed: Yes Exploit Included: Yes

Version(s): 2002
Description:
A vulnerability was reported in Microsoft Commerce Server. A local user may be able to decode an SQL Server password.
Cesar Cerrudo reported that when Microsoft Commerce Server is configured to use SQL Server authentication, the Commerce Server stores an SQL Server password in the Windows Registry. The password is reportedly stored in the 'ADMINDBPS' value under the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Commerce Server registry key.
According to the report, all local users in the 'Users' group can read that registry value. The encoded password can reportedly be decoded directly or viewed via the Commerce Server application.
The vendor was reportedly notified on February 14, 2003.
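As an added defensive check (not part of this SecurityTracker entry or of Commerce Server itself), the PowerShell script below reports whether the registry location named in the report exists and whether broadly held groups such as Users hold read access to it. The key path and value name are taken from the description above and are assumed to match the installation being audited.

```powershell
# Added audit check, not part of the SecurityTracker entry or of Commerce Server.
# It reports whether the key and value named in the advisory exist and whether
# broad local groups can read the key. It changes nothing. Run elevated.
# Assumption: the key path is as quoted in the advisory; adjust $KeyPath if needed.

$KeyPath   = 'HKLM:\SOFTWARE\Microsoft\Commerce Server'
$ValueName = 'ADMINDBPS'

# Principals that effectively mean "any local user".
$BroadPrincipals = @('BUILTIN\Users', 'Everyone', 'NT AUTHORITY\Authenticated Users')

function Test-CommerceServerPasswordExposure {
    param([string]$Path = $KeyPath, [string]$Name = $ValueName)

    if (-not (Test-Path -Path $Path)) {
        return [pscustomobject]@{ KeyPresent = $false; ValuePresent = $false; ExposingAces = @() }
    }

    # Does the value the advisory describes exist under this key?
    $valuePresent = (Get-Item -Path $Path).GetValueNames() -contains $Name

    # Reading a value needs the QueryValues right; collect Allow ACEs granting it to
    # broad principals (Get-Acl includes inherited ACEs, the usual source of such grants).
    $queryValues  = [System.Security.AccessControl.RegistryRights]::QueryValues
    $exposingAces = @((Get-Acl -Path $Path).Access | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        $BroadPrincipals -contains $_.IdentityReference.Value -and
        (($_.RegistryRights -band $queryValues) -ne 0)
    })

    [pscustomobject]@{
        KeyPresent   = $true
        ValuePresent = $valuePresent
        ExposingAces = $exposingAces
    }
}

$result = Test-CommerceServerPasswordExposure
if ($result.ValuePresent -and $result.ExposingAces.Count -gt 0) {
    Write-Warning "$ValueName is present and the key is readable by broad principals:"
    $result.ExposingAces | Select-Object IdentityReference, RegistryRights, IsInherited | Format-Table -AutoSize
} elseif ($result.KeyPresent) {
    Write-Output "Key present; no broad read grant found (ValuePresent=$($result.ValuePresent))."
} else {
    Write-Output "Key not present: $KeyPath"
}
```

The script only reports; which ACL changes are appropriate should follow the vendor's guidance once the knowledge base article mentioned below is available.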

Impact:
A local user can obtain an SQL Server password.

Solution:
No solution was available at the time of this entry. According to the report, Microsoft plans to issue a knowledge base article describing how to better protect the password.
[Editor's note: At the time of this entry, we were unable to locate the KB article via a search of the Knowledge Base.]

Vendor URL: www.microsoft.com/technet/security/

Cause:
Access control error

Underlying OS:
Windows (Any)

Message History:
None.

Source Message Contents

[Original Message Not Available for Viewing]