July 30, 2010     |
Home
FAQs
       SQL Server FAQ
       SQL Injection FAQ
       SQL Security Checklist
       SQL Server-Related Products
       SQL Server/MSDE-Based Applications
       SQL Server Version Database
Tools
       Lockdown Script
       Free Tools
       Free Analysis
       Group Policy Templates
       Commercial Tools
Community
       Discussions
       Links
About
Search
Network Toaster
SQL Security Forums
Note: SQLSecurity.com does not allow nor require registration due to privacy concerns for users. SQLSecurity.com is open and anonymous for all. Please report any abuse or profanity.
Reply To Message:
Posted By n/a on 10/10/2001 11:39:00 AM
Subject: SQL Query Method Enables Cached Admin...
Message: Yes - the issue you demonstrated is documented in MS01-032. If you do apply the patch then the under-privileged user will get a "Access to the remote server is denied because no login-mapping exists." error even after the 'sa' user has executed the command. The fix is included in Service Pack 1.

As a side note - a patched server will report version 8.00.296

Chip
UserName: 
Subject:  SQL Query Method Enables Cached Admin...
Body:
  
Show Replies:


ActiveForums 3.6
Copyright 1999 by Chip Andrews   |  Privacy Statement  |  Terms Of Use