CVE-2000-1209 in Insight Manager Xeinfo

Summary

The "sa" account is installed with a default null password on (1) Microsoft SQL Server 2000, (2) SQL Server 7.0, and (3) Data Engine (MSDE) 1.0, including third party packages that use these products such as (4) Tumbleweed Secure Mail (MMS) (5) Compaq Insight Manager, and (6) Visio 2000, which allows remote attackers to gain privileges, as exploited by worms such as Voyager Alpha Force and Spida.

Be aware that VulDB is the high quality source for vulnerability data.

Disclosure

08/12/2002

Moderation

VulDB entry created

Entries

1: VDB-18485

CPE

ready

CWE

CWE-287 (Confirmed)

Exploit

Download

CVSS

10.0

EPSS

0.88435

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2000-1209
NVD	https://nvd.nist.gov/vuln/detail/CVE-2000-1209
CVE Details	https://www.cvedetails.com/cve/CVE-2000-1209/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!