Microsoft KB Archive/814919

From BetaArchive Wiki

Article ID: 814919

Article Last Modified on 2/11/2005


APPLIES TO

  • Microsoft SQL Server 2000 Service Pack 3


BUG #: 363575 (SQL Server 8.0)

SYMPTOMS

When you set the password for a system administrator (sa) login to be blank in SQL Server Enterprise Manager, you are not prompted with a warning message or a confirmation message.

RESOLUTION

Service pack information

To resolve this problem, obtain the latest service pack for Microsoft SQL Server 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

290211 How to obtain the latest SQL Server 2000 service pack


Hotfix information

The English version of this fix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel. 

   Date         Time   Version         Size             File name
   --------------------------------------------------------------------------
   06-May-2003  03:16  2000.80.818.0      78,400 bytes  Console.exe      
   08-May-2003  04:18  2000.80.818.0      29,244 bytes  Dbmslpcn.dll     
   25-Apr-2003  02:12                    786,432 bytes  Distmdl.ldf
   25-Apr-2003  02:12                  2,359,296 bytes  Distmdl.mdf
   30-Jan-2003  01:55                        180 bytes  Drop_repl_hotfix.sql
   07-Apr-2003  19:15  2000.80.801.0   1,557,052 bytes  Dtsui.dll        
   24-Apr-2003  02:51                    747,927 bytes  Instdist.sql
   03-May-2003  01:56                      1,581 bytes  Inst_repl_hotfix.sql
   08-Feb-2003  06:40  2000.80.765.0      90,692 bytes  Msgprox.dll      
   01-Apr-2003  02:07                      1,873 bytes  Odsole.sql
   05-Apr-2003  01:46  2000.80.800.0      62,024 bytes  Odsole70.dll     
   02-Apr-2003  21:48  2000.80.796.0      57,904 bytes  Osql.exe         
   02-Apr-2003  23:15  2000.80.797.0     279,104 bytes  Pfutil80.dll     
   04-Apr-2003  21:27                  1,083,467 bytes  Replmerg.sql
   04-Apr-2003  21:53  2000.80.798.0     221,768 bytes  Replprov.dll     
   08-Feb-2003  06:40  2000.80.765.0     307,784 bytes  Replrec.dll      
   05-May-2003  00:05                  1,085,874 bytes  Replsys.sql
   08-May-2003  04:18  2000.80.818.0     492,096 bytes  Semobj.dll       
   05-May-2003  00:24  2000.80.818.0     172,032 bytes  Semobj.rll
   16-Apr-2003  22:39                    115,892 bytes  Sp3_serv_uni.sql
   08-May-2003  04:18  2000.80.818.0   4,215,360 bytes  Sqldmo.dll       
   07-Apr-2003  17:44                     25,172 bytes  Sqldumper.exe    
   19-Mar-2003  18:20  2000.80.789.0      28,672 bytes  Sqlevn70.rll
   24-Apr-2003  05:39  2000.80.811.0     176,696 bytes  Sqlmap70.dll     
   08-Feb-2003  06:40  2000.80.765.0      57,920 bytes  Sqlrepss.dll     
   08-May-2003  04:19  2000.80.818.0   7,540,817 bytes  Sqlservr.exe     
   08-Feb-2003  06:40  2000.80.765.0      45,644 bytes  Sqlvdi.dll       
   08-May-2003  04:18  2000.80.818.0      29,244 bytes  Ssmslpcn.dll     
   08-May-2003  04:18  2000.80.818.0      82,492 bytes  Ssnetlib.dll     
   08-May-2003  04:18  2000.80.818.0      25,148 bytes  Ssnmpn70.dll     
   08-May-2003  04:18  2000.80.818.0     158,240 bytes  Svrnetcn.dll     
   05-May-2003  00:09  2000.80.818.0      76,416 bytes  Svrnetcn.exe     
   30-Apr-2003  23:52  2000.80.816.0      45,132 bytes  Ums.dll          
   28-Feb-2003  01:34  2000.80.778.0      98,872 bytes  Xpweb70.dll

Note: Because of file dependencies, the most recent hotfix or feature that contains the files may also contain additional files.



STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.This problem was first corrected in Microsoft SQL Server 2000 Service Pack 4.

MORE INFORMATION

Setting a blank password for an sa login might create security problems.


For additional information about the risks associated with setting a blank password for the sa login, click the following article number to view the article in the Microsoft Knowledge Base:

313418 PRB: Unsecured SQL Server with Blank (NULL) SA Password Leaves Vulnerability to a Worm




To set the sa password in SQL Server Enterprise Manager, follow these steps:

  1. Open SQL Server Enterprise Manager.
  2. Expand the SQL Server Group, and then expand the name of your server.
  3. Expand Security, and then click Logins.
  4. In the right pane, right-click sa, and then click Properties.
  5. On the General tab, type a password in the Password text box, and then click OK.
  6. In the Confirm Password dialog box, type the new password, and then click OK.


Keywords: kbbug kbfix kblogin kbqfe kbsecurity KB814919



Send feedback to Microsoft

© Microsoft Corporation. All rights reserved.


Retrieved from ‘https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/814919&oldid=192910
the Creative Commons 3.0 ShareAlike (except the Microsoft KB Archive).
Powered by MediaWiki