CVE-2002-0642

Published: Jul 23, 2002Modified: Apr 16, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

The registry key containing the SQL Server service account information in Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, has insecure permissions, which allows local users to gain privileges, aka "Incorrect Permission on SQL Server Service Account Registry Key."

Affected (2)

Products: Microsoft: Msde, Sql Server

2 products

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Microsoft Msde	Version 2000
Microsoft Sql Server	Version 2000

References (12)

http://www.cert.org/advisories/CA-2002-22.html

Source: cve@mitre.org

US Government Resource

http://www.iss.net/security_center/static/9523.php

Source: cve@mitre.org

http://www.kb.cert.org/vuls/id/796313

Source: cve@mitre.org

US Government Resource

http://www.securityfocus.com/bid/5205

Source: cve@mitre.org

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-034

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1025

Source: cve@mitre.org

http://www.cert.org/advisories/CA-2002-22.html

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.iss.net/security_center/static/9523.php

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.kb.cert.org/vuls/id/796313

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.securityfocus.com/bid/5205

Source: af854a3a-2127-422b-91ae-364da2661108

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-034

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1025

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.