AppDetective™ Update 3.0.8 - 23 January 2003
Scanning Enhancements
NEW CHECKS for Microsoft SQL Server Penetration Testing
Computed Column UDF DoS
Verify if the Microsoft SQL Server installation
is known to be vulnerable to a DoS attack by
selecting a computed column that references a
user-defined function.
Database ownership chaining not disabled
Check the SQL Server to verify if
database ownership chaining has been disabled.
NEW CHECKS for Microsoft SQL Server Security Auditing
Computed Column UDF DoS
Verify if the Microsoft SQL Server installation
is known to be vulnerable to a DoS attack by
selecting a computed column that references a
user-defined function.
SQL Agent procedures granted to public
Check if the stored procedure to query the
password hash used by the SQL Agent is granted
to public.
SQL Agent password publicly viewable
Check if the password used by the SQL Server
Agent can be discovered by the group public
using the procedure
msdb.dbo.sp_get_sqlagent_properties.
DTS package procedures granted to public
Verify that permissions have been revoked
from the group public on the stored procedures
msdb.dbo.sp_enum_dtspackages and
msdb.dbo.sp_get_dtspackage.
Global temporary stored proc exists
Check for the existence of global temporary stored
procedures in the tempdb database.
Database ownership chaining not disabled
Check that database ownership chaining has
been disabled.
SQL injection in sp_MSdropretry
Check the Microsoft SQL Server to determine if a SQL injection
vulnerability exists in the stored procedure
master.dbo.sp_MSdropretry.
Openrowset reveals service account
Verify that a patch has not been installed to prevent
the account name the SQL Server runs under from being
revealed through an invalid openrowset command.