Full Disclosure mailing list archives
Re: Database servers on XP and the curious flaw
From: James Eaton-Lee <james.mailing () gmail com>
Date: Thu, 17 Nov 2005 13:16:45 +0000
On Wed, 2005-11-16 at 12:20 -0700, Dave King wrote:
While it still may not be "millions of people" several products come bundled with the desktop edition of SQL Server 2000, and I'm sure many will come with SQL Server 2005 Express. As far as I can tell by reading the paper (but not testing it myself) these are probably vulnerable as well if the configuration allows the guest account access to the database.
"Microsoft SQL Server 2000 - By default, Microsoft SQL Server 2000 is not vulnerable. Like Oracle, SQL Server authenticates the client using the NTLM SSPI AcceptSecurityContext() function and the user is logged on as Guest, however, as SQL Server requires that a specific user be granted access, the remote user can log in – by default SQL Server doesn’t allow Guest access to the database server. If, for whatever reason, someone has granted either the Guest account or the built-in Guests group access to the SQL Server then a remote user without valid credentials will gain access."

I may be wrong, but I'd assume that the way in which SQLDE authenticates is similar to MSSQL and therefore isn't affected by this... feel quite free to correct me, because I don't claim to be an expert on the DE version of SQL! :)

This of course wouldn't be the case for databases bundled with insecure permissions (as vendors are apt to do), and that'd probably be what I'd worry about most in these situations.

- James.
Dave King
http://www.thesecure.net

To be honest I don't think we're talking millions of people. How many people at home run a fully fledged RDBMS on their XP systems? Very few I'd guess. Besides, Simple File Sharing is documented so MS are educating those willing to seek information.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
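An audit query for the condition the quoted paper describes, a Guest account or built-in Guests group login that has been granted access to the server, as an added example that is not part of the original message or the paper. It assumes the `master.dbo.syslogins` view (SQL Server 2000, retained as a compatibility view in later versions) and matches on SID rather than name so that renamed or localized accounts are still found.

```sql
-- Added example: list Windows logins that map to the Guest account or the
-- built-in Guests group and report whether they can connect.
-- Assumes master.dbo.syslogins (SQL Server 2000; compatibility view later).
SELECT  loginname,
        CASE WHEN isntgroup = 1 THEN 'group' ELSE 'user' END AS login_type,
        hasaccess,      -- 1 = login has been granted server access
        denylogin,      -- 1 = login is explicitly denied
        sysadmin        -- 1 = member of the sysadmin fixed server role
FROM    master.dbo.syslogins
WHERE   isntname = 1    -- Windows (NT) logins only
  AND (
        -- BUILTIN\Guests: well-known SID S-1-5-32-546
        sid = 0x01020000000000052000000022020000
        -- Guest account: S-1-5-21-<machine or domain>-501 (RID 501 = 0x1F5,
        -- stored little-endian as the last four bytes of a 28-byte SID)
     OR (DATALENGTH(sid) = 28
         AND SUBSTRING(sid, 1, 12) = 0x010500000000000515000000
         AND SUBSTRING(sid, 25, 4) = 0xF5010000)
      )
ORDER BY hasaccess DESC, loginname;
```

An empty result corresponds to the default the paper describes; a row with `hasaccess = 1` and `denylogin = 0` is the configuration it warns about.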