Bugtraq mailing list archives

Re: MS-SQL 'sa' user exploit code

From: Domas Mituzas <midom () SPACE DAMMIT LT>
Date: Wed, 23 Aug 2000 13:33:47 +0200

MS-SQL 'sa' was inherited from Sybase Adaptive Server Enterprise, that
has the same default login with NULL password. Moreover, other database
products have same problems. As Sybase Adaptive Server Anywhere is now
also reachable via TDS on IP, you may use the default DBA account with
password 'sql'. But every documentation shows how to change password after
the install.

With respect,
Domas Mituzas
Duomenu bazes ir technologijos

Current thread:

MS-SQL 'sa' user exploit code herbless (Aug 15)
- <Possible follow-ups>
- Re: MS-SQL 'sa' user exploit code Neil Pike (Aug 17)
- Re: MS-SQL 'sa' user exploit code Microsoft Security Response Center (Aug 18)
- Re: MS-SQL 'sa' user exploit code Jon Keeter (Aug 21)
  - Re: MS-SQL 'sa' user exploit code Domas Mituzas (Aug 23)