SecurityTracker.com
Category:   Application (Commerce)  >   Microsoft Commerce Server
Vendors:   Microsoft
Microsoft Commerce Server Discloses SQL Server Password to Local Users
SecurityTracker Alert ID:  1007098
SecurityTracker URL:  http://securitytracker.com/id/1007098
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Jul 3 2003
Impact:   Disclosure of authentication information
Vendor Confirmed:  Yes
Exploit Included:  Yes
Version(s): 2002
Description:   A vulnerability was reported in Microsoft Commerce Server. A local user may be able to decode an SQL Server password.

Cesar Cerrudo reported that when Microsoft Commerce Server is configured to use SQL Server authentication, it stores an SQL Server password in the Windows Registry. The encoded password is reportedly stored in the 'ADMINDBPS' registry value under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Commerce Server.

According to the report, all local users in the 'Users' group can read the registry value. The encoded password can reportedly be decoded directly or viewed via the Commerce Server application.
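
A defender's check for the exposure described above, as an added example that is not part of the original advisory and not vendor code: it reports whether broad groups hold read access on the key and whether the value exists, without printing the value. The key path and value name come from the advisory; the Everyone and Authenticated Users entries are assumptions added alongside the 'Users' group the report names.

```powershell
param(
    [string]$KeyPath   = 'HKLM:\SOFTWARE\Microsoft\Commerce Server',  # key named in the advisory
    [string]$ValueName = 'ADMINDBPS'                                   # value named in the advisory
)

# Well-known SIDs of broad groups (SIDs avoid localized group names).
# The advisory names only 'Users'; the other two are assumptions added here.
$BroadSids = @{
    'S-1-5-32-545' = 'BUILTIN\Users'
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'NT AUTHORITY\Authenticated Users'
}

# Rights that permit reading a value: QueryValues, plus raw GENERIC_READ / GENERIC_ALL bits.
$ReadMask = [int][System.Security.AccessControl.RegistryRights]::QueryValues -bor [int]::MinValue -bor 0x10000000

if (-not (Test-Path -Path $KeyPath)) {
    Write-Output "Key not present: $KeyPath"
    return
}

# Report only whether the value exists; its contents are never read or printed.
$hasValue = (Get-Item -Path $KeyPath).GetValueNames() -contains $ValueName
Write-Output "$ValueName present: $hasValue"

$findings = foreach ($rule in (Get-Acl -Path $KeyPath).Access) {
    if ($rule.AccessControlType -ne 'Allow') { continue }
    # Inherit-only entries apply to subkeys, not to this key.
    if (([int]$rule.PropagationFlags -band [int][System.Security.AccessControl.PropagationFlags]::InheritOnly) -ne 0) { continue }
    if (([int]$rule.RegistryRights -band $ReadMask) -eq 0) { continue }
    try {
        $sid = $rule.IdentityReference.Translate([System.Security.Principal.SecurityIdentifier]).Value
    } catch {
        continue   # principal cannot be resolved, so it is not one of the well-known groups
    }
    if ($BroadSids.ContainsKey($sid)) {
        [pscustomobject]@{
            Principal = $BroadSids[$sid]
            Rights    = $rule.RegistryRights
            Inherited = $rule.IsInherited
        }
    }
}

if ($findings) { $findings | Format-Table -AutoSize } else { Write-Output "No broad read access found on $KeyPath" }
```

Any row in the output means members of that group can read the key, which matches the condition the report describes.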

The vendor was reportedly notified on February 14, 2003.

Impact:   A local user can obtain an SQL Server password.
Solution:   No solution was available at the time of this entry. According to the report, Microsoft plans to issue a knowledge base article describing how to better protect the password.

[Editor's note: At the time of this entry, we were unable to locate the KB article via a search of the Knowledge Base.]

Vendor URL:  www.microsoft.com/technet/security/
Cause:   Access control error
Underlying OS:  Windows (Any)

Message History:   None.