QUOTE
Password Flaw Found In Microsoft SQL Server
Mike Sachoff
Staff Writer
2009-09-02
Database security software firm, Sentrigo, announced today that it has detected a vulnerability in Microsoft SQL Server that allows users with administrative privileges to openly see the unencrypted passwords of other users accessing the server using SQL Server authentication.
"In the course of ongoing security research into SQL Server databases, one of our researchers noticed that the unique string of their personal password was clearly visible in memory in SQL Server," said Slavik Markovich, CTO of Sentrigo.
More to read:
http://www.securitypronews.com/insiderrepo...tSQLServer.html
Mike Sachoff
Staff Writer
2009-09-02
Database security software firm, Sentrigo, announced today that it has detected a vulnerability in Microsoft SQL Server that allows users with administrative privileges to openly see the unencrypted passwords of other users accessing the server using SQL Server authentication.
"In the course of ongoing security research into SQL Server databases, one of our researchers noticed that the unique string of their personal password was clearly visible in memory in SQL Server," said Slavik Markovich, CTO of Sentrigo.
More to read:
http://www.securitypronews.com/insiderrepo...tSQLServer.html