Microsoft: >> Sql Server >> 6.5 Security Vulnerabilities
Microsoft SQL Server 6.0 through 2000, with SQL Authentication enabled, uses weak password encryption (XOR), which allows remote attackers to sniff and decrypt the password.
CVSS Score
7.5
EPSS Score
0.016
Published
2002-12-31
The MSDTC (Microsoft Distributed Transaction Service Coordinator) for Microsoft Windows 2000, Microsoft IIS 5.0 and SQL Server 6.5 through SQL 2000 0.0 allows remote attackers to cause a denial of service (crash or hang) via malformed (random) input.
CVSS Score
5.0
EPSS Score
0.583
Published
2002-05-16
Microsoft SQL Server allows local users to obtain database passwords via the Data Transformation Service (DTS) package Properties dialog, aka the "DTS Password" vulnerability.
CVSS Score
2.1
EPSS Score
0.024
Published
2000-05-30
Microsoft SQL Server 6.5 uses weak encryption for the password for the SQLExecutiveCmdExec account and stores it in an accessible portion of the registry, which could allow local users to gain privileges by reading and decrypting the CmdExecAccount value.
CVSS Score
7.2
EPSS Score
0.004
Published
1998-06-29