This article discusses a security or privacy issue that may
affect the operation of your computer. The information in this article is
provided "as-is" without warranty of any kind. The workaround or hotfix that is
described in this article describes the issue as it is currently understood,
but may not protect against any undiscovered variants of this issue. Microsoft
recommends that you apply this cumulative patch or implement the workarounds if
one is provided.
SUMMARY
Microsoft distributes SQL Server 7.0 security fixes as one
downloadable file. Because the security fixes are cumulative, each new release
contains all the hotfixes and all the security fixes that were included with
the previous SQL Server 7.0 security fix release. You do not have to install a
previous patch before you install the latest one. This Microsoft Knowledge Base
article contains a list of all the security fixes that are available for SQL
Server 7.0 Service Pack 4 (SP4). Before you apply the patch, you must install
SQL Server 7.0 Service Pack 4 (SP4).
For additional information about the
cumulative security patch for SQL Server 2000 Service Pack 2, click the article
number below to view the article in the Microsoft Knowledge Base:
316333 INF: SQL Server 2000 Security Update for Service Pack 2
NOTE: This cumulative package does not contain security fixes for
Microsoft Data Access Components (MDAC) and Analysis Services.
Identify Your SQL Server Service Pack Version and Edition
Use the information in the following Microsoft Knowledge Base
article to determine which version of SQL Server you are running:
321185 HOW TO: Identify Your SQL Server Service Pack Version and Edition
NOTE: If you are running Microsoft Windows NT Server 4.0 Service Pack
6, you must apply the hotfix that is described in the following Microsoft
Knowledge Base article:
258437 FIX: GetEffectiveRightsFromAcl() Fails in Service Pack 6
NOTE: If you rebuild the
master database, you must reapply the script files (*.sql) as described
in the Readme.txt file.
MORE INFORMATION
October 16, 2002 Release
This release of the SQL Server 2000 security cumulative package
contains the following:
- SQL Server 7.0 and SQL Server 2000 provide stored
procedures that are a collection of Transact-SQL statements that are stored
under a name, and the statements are processed as a group. With one of the
stored procedures, low privileged users can run, delete, insert or modify Web
tasks.
An attacker who can authenticate to SQL Server can delete all
the Web tasks created by other users. Also, the attacker can run existing Web
tasks in the context of the creator of the Web task or they can potentially
insert their own Web tasks. These Web tasks typically run in the context of the
SQL Server Agent service account. This patch includes a fix that removes this
vulnerability by correcting the permissions on these objects.
These issues are explained in detail in
Microsoft
Security Bulletin MS02-061.
After you apply this
hotfix, when you run
SELECT @@Version
it returns 7.00.1077 as the version of SQL Server.
NOTE: If you have previously installed the fix discussed in Microsoft
Security Bulletin MS02-056, you can install this fix by completing the
following actions:
- From the <Installation path for this instance of SQL
Server>\Binn folder, make a backup copy of the following file:
Xpweb70.dll
- From the hotfix self-extracting archive, copy this file
into the <Installation path for this instance of SQL Server>\Binn folder:
Xpweb70.dll
- Connect to SQL Server as a member of the system
administrator (sa) role, or as the sa by using SQL Query Analyzer or the osql
utility (Osql.exe), and then run SecurityHotfix.sql.
The following files are available for download from the
Microsoft Download Center:
English: Download 7.00.1078_enu.exe now
French: Download 7.00.1078_frn.exe now
German: Download 7.00.1078_ger.exe now
Japanese: Download 7.00.1078_jpn.exe now
Spanish: Download 7.00.1078_esn.exe now
Release Date: OCT-16-2002
For
additional information about how to download Microsoft Support files, click the
following article number to view the article in the Microsoft Knowledge Base:
119591 How To Obtain Microsoft Support Files from Online Services
Microsoft scanned this file for viruses. Microsoft used the most
current virus-detection software that was available on the date that the file
was posted. The file is stored on security-enhanced servers that help to
prevent any unauthorized changes to the file.
The
English version of this fix has the file attributes (or later) that are listed
in the following table. The dates and times for these files are listed in
coordinated universal time (UTC). When you view the file information, it is
converted to local time. To find the difference between UTC and local time, use
the Time Zone tab in the Date and Time tool in Control Panel.
Date        Product Version  Size             File name
-------------------------------------------------------------------
09/06/2002  7.00.1077           53,520 bytes  Distrib.exe
01/08/2001                       1,652 bytes  Eula.txt
09/06/2002  7.00.1077           98,576 bytes  Logread.exe
09/06/2002                      99,352 bytes  Opends60.dbg
09/06/2002  7.00.1077          160,016 bytes  Opends60.dll
09/06/2002                     132,096 bytes  Opends60.pdb
09/06/2002  7.00.1077          250,128 bytes  Rdistcom.dll
09/24/2002                       8,734 bytes  Readme.txt
09/06/2002  7.00.1077           82,192 bytes  Replmerg.exe
09/06/2002  7.00.1077           78,096 bytes  Replres.dll
09/17/2002                       7,941 bytes  Securityhotfix.sql
09/06/2002  7.00.1077          160,016 bytes  Snapshot.exe
09/06/2002  7.00.1077          344,064 bytes  Sqlagent.exe
09/06/2002                      45,056 bytes  Sqlcmdss.dll
09/06/2002                   4,368,196 bytes  Sqlservr.dbg
09/06/2002  7.00.1077        5,058,832 bytes  Sqlservr.exe
09/06/2002                   3,580,928 bytes  Sqlservr.pdb
09/17/2002  7.00.1077          151,552 bytes  Xpweb70.dll
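Added example (not part of the Microsoft article): because SELECT @@Version returns 7.00.1077 after both the October 2 and the October 16 releases, the build number alone cannot show whether the October 16 files are in place. This Python check combines the banner with the product version of Xpweb70.dll, the one binary that the manual steps above replace; the function names, host names and sample inventory are constructed for illustration.

```python
import re

# Build that SELECT @@Version reports after the October 2 and the
# October 16 releases alike (value taken from the article).
PATCHED_BUILD = (7, 0, 1077)

def parse_version(text):
    """Return (major, minor, build) from text such as '7.00.1077', or None."""
    m = re.search(r"\b(\d+)\.(\d{2})\.(\d{3,4})\b", text or "")
    return tuple(int(g) for g in m.groups()) if m else None

def patch_state(banner, xpweb_version):
    """Classify one instance from its @@Version banner and the product
    version of Xpweb70.dll in its Binn folder (both collected beforehand)."""
    server = parse_version(banner)
    if server is None or server[:2] != (7, 0):
        return "not SQL Server 7.0 or unreadable banner"
    if server < PATCHED_BUILD:
        return "binaries older than the October 2 release"
    dll = parse_version(xpweb_version)
    if dll is None or dll < PATCHED_BUILD:
        return "October 2 binaries; Xpweb70.dll not updated"
    # The file check cannot prove the script step was completed.
    return "October 16 files present; confirm SecurityHotfix.sql was run"

def audit(inventory):
    """Map each host to its patch state."""
    return {host: patch_state(*facts) for host, facts in inventory.items()}

# Constructed inventory: (banner, Xpweb70.dll product version).
# 7.00.1000 is a placeholder for any build lower than 7.00.1077.
SAMPLES = {
    "db01": ("Microsoft SQL Server  7.00 - 7.00.1077 (Intel X86)", "7.00.1077"),
    "db02": ("Microsoft SQL Server  7.00 - 7.00.1077 (Intel X86)", "7.00.1000"),
    "db03": ("Microsoft SQL Server  7.00 - 7.00.1000 (Intel X86)", "7.00.1000"),
    "db04": ("Microsoft SQL Server  7.00 - 7.00.1077 (Intel X86)", None),
}

if __name__ == "__main__":
    for host, state in audit(SAMPLES).items():
        print(host, "->", state)
```

The August 15 release is script-only and leaves the version unchanged, so neither input to this check reflects it.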
October 2, 2002 Release
This release of the SQL Server 7.0 security cumulative
package contains the following:
- A revocation of support for clients that send SQL Server
version 7.0, or later, tabular data streams (TDS) in big-endian format.
NOTE: Microsoft does not know of a commercially available product that
sends TDS 7.0, or later, data streams to SQL Server in big-endian
format.
- A revocation of public access on an extended stored
procedure.
- A fix for the escalation of privileges vulnerability on
certain stored procedures.
- A fix for an unchecked buffer in the SQL Server 2000
Database Console Commands (DBCCs).
- A fix related to the checking of a registry key that
determines access to OLE DB providers through the OPENROWSET or the
OPENDATASOURCE functions.
Potential backward-compatibility issues
with this fix are explained in the following Microsoft Knowledge Base
article:
328569 FIX: Ad Hoc Access Incorrectly Permitted If DisallowAdhocAccess Registry Key is Missing
These issues are explained in detail in
Microsoft
Security Bulletin MS02-056.
After you apply this
hotfix, when you run
SELECT @@Version
it returns 7.00.1077 as the version of SQL Server.
The
following files are available for download from the Microsoft Download
Center:
English: Download 7.00.1077_enu.exe now
French: Download 7.00.1077_frn.exe now
German: Download 7.00.1077_ger.exe now
Japanese: Download 7.00.1077_jpn.exe now
Spanish: Download 7.00.1077_esn.exe now
Release Date: OCT-2-2002
For
additional information about how to download Microsoft Support files, click the
following article number to view the article in the Microsoft Knowledge Base:
119591 How To Obtain Microsoft Support Files from Online Services
Microsoft scanned this file for viruses. Microsoft used the most
current virus-detection software that was available on the date that the file
was posted. The file is stored on security-enhanced servers that help to
prevent any unauthorized changes to the file.
The
English version of this fix has the file attributes (or later) that are listed
in the following table. The dates and times for these files are listed in
coordinated universal time (UTC). When you view the file information, it is
converted to local time. To find the difference between UTC and local time, use
the Time Zone tab in the Date and Time tool in Control Panel.
Date        Product Version  Size             File name
-------------------------------------------------------------------
09/06/2002  7.00.1077           53,520 bytes  Distrib.exe
01/08/2001                       1,652 bytes  Eula.txt
09/06/2002  7.00.1077           98,576 bytes  Logread.exe
09/06/2002                      99,352 bytes  Opends60.dbg
09/06/2002  7.00.1077          160,016 bytes  Opends60.dll
09/06/2002                     132,096 bytes  Opends60.pdb
09/06/2002  7.00.1077          250,128 bytes  Rdistcom.dll
09/11/2002                       8,624 bytes  Readme.txt
09/06/2002  7.00.1077           82,192 bytes  Replmerg.exe
09/06/2002  7.00.1077           78,096 bytes  Replres.dll
08/29/2002                         981 bytes  Securityhotfix.sql
09/06/2002  7.00.1077          160,016 bytes  Snapshot.exe
09/06/2002  7.00.1077          344,064 bytes  Sqlagent.exe
09/06/2002  7.00.1077           45,056 bytes  Sqlcmdss.dll
09/06/2002                   4,368,196 bytes  Sqlservr.dbg
09/06/2002  7.00.1077        5,058,832 bytes  Sqlservr.exe
09/06/2002                   3,580,928 bytes  Sqlservr.pdb
August 15, 2002 Release
This release of the SQL Server 7.0 Service Pack 4 security
cumulative package contains the following fixes:
- SQL Injection that Occurs in Replication.
These issues are explained in detail in
Microsoft
Security Bulletin MS02-43.
NOTE: After you apply this security patch update, when you look at the
SQL Server version, it still shows the version that corresponds to Service Pack
4 (SP4) because in this security patch, the main SQL Server binaries are not
changed. This security patch only contains Transact-SQL scripts that are
run.
The following files are available for download from the
Microsoft Download Center:
English: Download 7.00.1076_enu.exe now
French: Download 7.00.1076_frn.exe now
German: Download 7.00.1076_ger.exe now
Japanese: Download 7.00.1076_jpn.exe now
Spanish: Download 7.00.1076_esn.exe now
Release Date: AUG-15-2002
For
additional information about how to download Microsoft Support files, click the
following article number to view the article in the Microsoft Knowledge Base:
119591 How To Obtain Microsoft Support Files from Online Services
Microsoft scanned this file for viruses. Microsoft used the most
current virus-detection software that was available on the date that the file
was posted. The file is stored on security-enhanced servers that help to
prevent any unauthorized changes to the file.
The
English version of this fix has the file attributes (or later) that are listed
in the following table. The dates and times for these files are listed in
coordinated universal time (UTC). When you view the file information, it is
converted to local time. To find the difference between UTC and local time, use
the Time Zone tab in the Date and Time tool in Control Panel.
Date Time Size File name
---------------------------------------------------
07/24/2002 15:13 981 bytes Qfe102804.sql
07/25/2002 13:34 3,323 bytes Readme.txt
07/24/2002 15:13 378,529 bytes Replsys.sql