Description

The Mixed Mode authentication capability in Microsoft SQL Server 7.0 stores the System Administrator (sa) account in plaintext in a log file which is readable by any user, aka the "SQL Server 7.0 Service Pack Password" vulnerability.

Remediation

References

CVE-2000-0402

Related Vulnerabilities

Apache Tomcat URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-11784)

Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-7868)

WordPress Plugin FG Joomla to WordPress Cross-Site Scripting (3.30.0)

Oracle JRE CVE-2014-0457 Vulnerability (CVE-2014-0457)

WordPress Plugin Podlove Podcast Publisher Multiple Cross-Site Scripting Vulnerabilities (2.1.0)

Severity

Low

Classification

CVE-2000-0402

Tags

Missing Update Known Vulnerabilities