eliminates a security vulnerability in Microsoft SQL Server 7.0 which could allow a malicious user to run a database-stored procedure without permissions.
Execute permission checks on stored procedures may be bypassed when a stored procedure is referenced from a temporary stored procedure.
This omission would enable malicious users to run a stored procedure that, by design, they should not be able to access.
The vulnerability only occurs under a fairly restricted set of conditions: the database and stored procedure must be owned by the system administrator login account, and the malicious user must be able to authenticate to the SQL server as well as have user access to the referenced database.
Microsoft SQL 7.0 and quot;Stored Procedure Permissions and quot; Vulnerability Patch runs on
Windows 95/98/Me/NT/2000/Windows 10/11
and is available under the
Freeware
license
— the installer is 24 KB.
We’ve catalogued it under
Databases.
✓
Verified clean. Every Microsoft SQL 7.0 and quot;Stored Procedure Permissions and quot; Vulnerability Patch build on SoftLookup is scanned for viruses, spyware, adware, trojans and backdoors. We re-test on every update.
Help fellow users decide. Share your experience with Microsoft SQL 7.0 and quot;Stored Procedure Permissions and quot; Vulnerability Patch.