Article ID: 327068
Article Last Modified on 3/29/2007
APPLIES TO
- Microsoft SQL Server 7.0 Service Pack 4
- Microsoft Data Engine 1.0
This article was previously published under Q327068
This article discusses a security or privacy issue that may affect the operation of your computer. The information in this article is provided "as-is" without warranty of any kind. The workaround or hotfix that is described in this article describes the issue as it is currently understood, but may not protect against any undiscovered variants of this issue. Microsoft recommends that you apply this cumulative patch or implement the workarounds if one is provided.
SUMMARY
Microsoft distributes SQL Server 7.0 security fixes as one downloadable file. Because the security fixes are cumulative, each new release contains all the hotfixes and all the security fixes that were included with the previous SQL Server 7.0 security fix release. You do not have to install a previous patch before you install the latest one. This Microsoft Knowledge Base article contains a list of all the security fixes that are available for SQL Server 7.0 Service Pack 4 (SP4). Before you apply the patch, you must install SQL Server 7.0 Service Pack 4 (SP4).
For additional information about the cumulative security patch for SQL Server 2000 Service Pack 2, click the article number below to view the article in the Microsoft Knowledge Base:
316333 INF: SQL Server 2000 Security Update for Service Pack 2
NOTE: This cumulative package does not contain security fixes for Microsoft Data Access Components (MDAC) and Analysis Services.
Identify Your SQL Server Service Pack Version and Edition
Use the information in the following Microsoft Knowledge Base article to determine which version of SQL Server you are running:
321185 HOW TO: Identify Your SQL Server Service Pack Version and Edition
NOTE: If you are running Microsoft Windows NT Server 4.0 Service Pack 6, you must apply the hotfix that is described in the following Microsoft Knowledge Base article:
258437 FIX: GetEffectiveRightsFromAcl() Fails in Service Pack 6
NOTE: If you rebuild the master database, you must reapply the script files (*.sql) as described in the Readme.txt file.
MORE INFORMATION
October 16, 2002 Release
This release of the SQL Server 2000 security cumulative package contains the following:
- SQL Server 7.0 and SQL Server 2000 provide stored procedures, which are collections of Transact-SQL statements that are stored under a name and processed as a group. One of these stored procedures lets low-privileged users run, delete, insert, or modify Web tasks.
An attacker who can authenticate to SQL Server can delete all the Web tasks created by other users. Also, the attacker can run existing Web tasks in the context of the creator of the Web task or they can potentially insert their own Web tasks. These Web tasks typically run in the context of the SQL Server Agent service account. This patch includes a fix that removes this vulnerability by correcting the permissions on these objects.
These issues are explained in detail in Microsoft Security Bulletin MS02-061.
After you apply this hotfix, when you run
SELECT @@Version
it returns 7.00.1077 as the version of SQL Server.
NOTE: If you have previously installed the fix discussed in Microsoft Security Bulletin MS02-056, you can install this fix by completing the following actions:
- From the <Installation path for this instance of SQL Server>\Binn folder, make a backup copy of the following file:
Xpweb70.dll
- From the hotfix self-extracting archive, copy this file into the <Installation path for this instance of SQL Server>\Binn folder:
Xpweb70.dll
- Connect to SQL Server as a member of the system administrator (sa) role, or as the sa by using SQL Query Analyzer or the osql utility (Osql.exe), and then run SecurityHotfix.sql.
The following files are available for download from the Microsoft Download Center:
English: Download 7.00.1078_enu.exe now
French: Download 7.00.1078_frn.exe now
German: Download 7.00.1078_ger.exe now
Japanese: Download 7.00.1078_jpn.exe now
Spanish: Download 7.00.1078_esn.exe now
Release Date: OCT-16-2002
For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 How To Obtain Microsoft Support Files from Online Services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file.
The English version of this fix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.
Date        Product Version  Size             File name
-------------------------------------------------------------------
09/06/2002  7.00.1077        53,520 bytes     Distrib.exe
01/08/2001                   1,652 bytes      Eula.txt
09/06/2002  7.00.1077        98,576 bytes     Logread.exe
09/06/2002                   99,352 bytes     Opends60.dbg
09/06/2002  7.00.1077        160,016 bytes    Opends60.dll
09/06/2002                   132,096 bytes    Opends60.pdb
09/06/2002  7.00.1077        250,128 bytes    Rdistcom.dll
09/24/2002                   8,734 bytes      Readme.txt
09/06/2002  7.00.1077        82,192 bytes     Replmerg.exe
09/06/2002  7.00.1077        78,096 bytes     Replres.dll
09/17/2002                   7,941 bytes      Securityhotfix.sql
09/06/2002  7.00.1077        160,016 bytes    Snapshot.exe
09/06/2002  7.00.1077        344,064 bytes    Sqlagent.exe
09/06/2002                   45,056 bytes     Sqlcmdss.dll
09/06/2002                   4,368,196 bytes  Sqlservr.dbg
09/06/2002  7.00.1077        5,058,832 bytes  Sqlservr.exe
09/06/2002                   3,580,928 bytes  Sqlservr.pdb
09/17/2002  7.00.1077        151,552 bytes    Xpweb70.dll
October 2, 2002 Release
This release of the SQL Server 7.0 security cumulative package contains the following:
- A revocation of support for clients that send SQL Server version 7.0, or later, tabular data streams (TDS) in big-endian format.
NOTE: Microsoft does not know of a commercially available product that sends TDS 7.0, or later, data streams to SQL Server in big-endian format.
- A revocation of public access on an extended stored procedure.
- A fix for the escalation of privileges vulnerability on certain stored procedures.
- A fix for an unchecked buffer in the SQL Server 2000 Database Console Commands (DBCCs).
- A fix related to the checking of a registry key that determines access to OLE DB providers through the OPENROWSET or the OPENDATASOURCE functions.
Potential backward-compatibility issues with this fix are explained in the following Microsoft Knowledge Base article:
328569 FIX: Ad Hoc Access Incorrectly Permitted If DisallowAdhocAccess Registry Key is Missing
These issues are explained in detail in Microsoft Security Bulletin MS02-056.
After you apply this hotfix, when you run
SELECT @@Version
it returns 7.00.1077 as the version of SQL Server.
The following files are available for download from the Microsoft Download Center:
English: Download 7.00.1077_enu.exe now
French: Download 7.00.1077_frn.exe now
German: Download 7.00.1077_ger.exe now
Japanese: Download 7.00.1077_jpn.exe now
Spanish: Download 7.00.1077_esn.exe now
Release Date: OCT-2-2002
The English version of this fix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.
Date        Product Version  Size             File name
-------------------------------------------------------------------
09/06/2002  7.00.1077        53,520 bytes     Distrib.exe
01/08/2001                   1,652 bytes      Eula.txt
09/06/2002  7.00.1077        98,576 bytes     Logread.exe
09/06/2002                   99,352 bytes     Opends60.dbg
09/06/2002  7.00.1077        160,016 bytes    Opends60.dll
09/06/2002                   132,096 bytes    Opends60.pdb
09/06/2002  7.00.1077        250,128 bytes    Rdistcom.dll
09/11/2002                   8,624 bytes      Readme.txt
09/06/2002  7.00.1077        82,192 bytes     Replmerg.exe
09/06/2002  7.00.1077        78,096 bytes     Replres.dll
08/29/2002                   981 bytes        Securityhotfix.sql
09/06/2002  7.00.1077        160,016 bytes    Snapshot.exe
09/06/2002  7.00.1077        344,064 bytes    Sqlagent.exe
09/06/2002  7.00.1077        45,056 bytes     Sqlcmdss.dll
09/06/2002                   4,368,196 bytes  Sqlservr.dbg
09/06/2002  7.00.1077        5,058,832 bytes  Sqlservr.exe
09/06/2002                   3,580,928 bytes  Sqlservr.pdb
August 15, 2002 Release
This release of the SQL Server 7.0 Service Pack 4 security cumulative package contains the following fixes:
- SQL Injection that Occurs in Replication.
These issues are explained in detail in Microsoft Security Bulletin MS02-43.
NOTE: After you apply this security patch update, when you look at the SQL Server version, it still shows the version that corresponds to Service Pack 4 (SP4) because in this security patch, the main SQL Server binaries are not changed. This security patch only contains Transact-SQL scripts that are run.
The following files are available for download from the Microsoft Download Center:
English: Download 7.00.1076_enu.exe now
French: Download 7.00.1076_frn.exe now
German: Download 7.00.1076_ger.exe now
Japanese: Download 7.00.1076_jpn.exe now
Spanish: Download 7.00.1076_esn.exe now
Release Date: AUG-15-2002
The English version of this fix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.
Date        Time   Size           File name
---------------------------------------------------
07/24/2002  15:13  981 bytes      Qfe102804.sql
07/25/2002  13:34  3,323 bytes    Readme.txt
07/24/2002  15:13  378,529 bytes  Replsys.sql