FIX: SQL Server Grants Unnecessary Permissions or an Encryption Function Contains Unchecked Buffers

Article translations Article translations
Article ID: 322853 - View products that this article applies to.
This article was previously published under Q322853
Expand all | Collapse all

SYMPTOMS

This article addresses two issues:

The SQL Server Setup program and SQL Server Enterprise Manager grant unnecessary permissions to the SQL Server service startup account when the account is not a member of the Administrators Users group.

-or-

An unchecked buffer exists in an encryption function. A buffer overrun can occur as a result and can be used to either cause the SQL Server service to fail, or to cause code to run in the security context of the server that is running SQL Server.

RESOLUTION

To resolve this problem, obtain the latest service pack for Microsoft SQL Server 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
290211 INF: How To Obtain the Latest SQL Server 2000 Service Pack
NOTE: The following fix was created before the release of Microsoft SQL Server 2000 Service Pack 3.

To download the fix for these issues, see the following article in the Microsoft Knowledge Base:
316333 INF: SQL Server 2000 Security Update for Service Pack 2
The downloadable file contains a stand-alone utility named Servpriv.exe. You can use Servpriv.exe to correct the permission problems for the service registry keys. The Readme.txt file in the package has instructions for applying the fixes and for running Servpriv.exe.

How to Use Servpriv.exe

To use Servpriv.exe, type the following text on the command line, and then press ENTER:
Servpriv.exe instance_name
				
The instance_name parameter is the name of the SQL Server instance that you want to patch. If you want to patch the default instance, specify MSSQLSERVER (case does not matter); otherwise, specify the name of the SQL Server instance. This utility is designed to only patch SQL Server 2000 installations that are running SQL Server 2000 Service Pack 2, or later. If you are not running SQL Server 2000 Service Pack 2, you must upgrade to SQL Server 2000 Service Pack 2 before you use Servpriv.exe.

Examples:

Default instance = Servpriv.exe MSSQLServer
Named instance = Servpriv.exe INST1 where the instance typically connected to is SERVER_NAME\INST1
For more information about how to use Servpriv.exe, read the Readme.txt file that is included with the download file.

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.
This problem was first corrected in Microsoft SQL Server 2000 Service Pack 3.

Properties

Article ID: 322853 - Last Review: November 5, 2003 - Revision: 4.1
APPLIES TO
  • Microsoft SQL Server 2000 Standard Edition
Keywords: 
kbsqlserv2000sp3fix kbbug kbfix kbsqlserv2000presp3fix KB322853

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com