Re: Microsoft SQL Server 2000 'BULK INSERT' Buffer Overflow (#NISR11072002)
From: Hall, Philip (phall@SPSS.COM)Date: 07/12/02
- Previous message: Aaron C. Newman: "Re: Microsoft SQL Server 2000 'BULK INSERT' Buffer Overflow (#NISR11072002)"
- Maybe in reply to: NGSSoftware Insight Security Research: "Microsoft SQL Server 2000 'BULK INSERT' Buffer Overflow (#NISR11072002)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 11 Jul 2002 22:32:27 -0500 From: "Hall, Philip" <phall@SPSS.COM> To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Did I say 'and' ? Of course, as you pointed out, it should have been 'or'
--phil
> You only need to be granted the bulkadmin fixed server role to execute
> BULK INSERT. You do NOT need to have sysadmin to execute BULK INSERT
> (yes, I have tested this several times).
>
> So this vulnerability leads to a privilege escalation.
>
> -----Original Message-----
>
> > To be able to use the 'BULK INSERT' query one must have the
> > privileges of the database owner or dbo. Note this does not
> > necessarily imply 'sa' equivalence.
>
> In fact, you need to be a member of the sysadmin and bulkadmin fixed
> server roles to be able to execute BULK INSERT, both of these
> have to be explicitly set, if you're not user 'sa'
- Previous message: Aaron C. Newman: "Re: Microsoft SQL Server 2000 'BULK INSERT' Buffer Overflow (#NISR11072002)"
- Maybe in reply to: NGSSoftware Insight Security Research: "Microsoft SQL Server 2000 'BULK INSERT' Buffer Overflow (#NISR11072002)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
