|
Bugtraq
mailing list archives
RE: Microsoft SQL Server 2000 'BULK INSERT' Buffer Overflow (#NISR11072002)
From: "Aaron C. Newman" <aaron () newman-family com>
Date: Thu, 11 Jul 2002 22:20:46 -0400
You only need to be granted the bulkadmin fixed server role to execute
BULK INSERT. You do NOT need to have sysadmin to execute BULK INSERT
(yes, I have tested this several times).
So this vulnerability leads to a privilege escalation.
Regards,
Aaron
_______________________________
Aaron C. Newman
CTO/Founder
Application Security, Inc.
www.appsecinc.com
Phone: 212-490-6022
Fax: 212-490-6456
- Protection Where It Counts -
-----Original Message-----
From: Hall, Philip [mailto:phall () spss com]
Sent: Thursday, July 11, 2002 10:57 AM
To: bugtraq () securityfocus com; ntbugtraq () listserv ntbugtraq com;
vulnwatch () vulnwatch org
Subject: RE: Microsoft SQL Server 2000 'BULK INSERT' Buffer Overflow
(#NISR11072002)
To be able to use the 'BULK INSERT' query one must have the
privileges of the database owner or dbo. Note this does not
necessarily imply 'sa' equivalence.
In fact, you need to be a member of the sysadmin and bulkadmin fixed
server roles to be able to execute BULK INSERT, both of these have to be
explicitly set, if you're not user 'sa'
--phil
 By Date 
By Thread
Current thread:
|
Intro
