Bugtraq mailing list archives
MS SQL 7.0 DTS saved packages contain plain text passwords
From: "Floyd Russell" <floyd () neospire net>
Date: Mon, 12 Nov 2001 12:18:10 -0600
When creating a Data Transformation Service (DTS) Package be carefull. The saved file does not encrypt the passwords that the package will use when executed. If a client could convice an admin to create an example DTS package for troubleshooting then the client would have the admin's SQL password. Of course no admin would ever use a high level account for that sort of thing. :) Floyd Russell
Current thread:
- MS SQL 7.0 DTS saved packages contain plain text passwords Floyd Russell (Nov 12)