Article ID: 322853 - Last Review: November 5, 2003 - Revision: 4.1

FIX: SQL Server Grants Unnecessary Permissions or an Encryption Function Contains Unchecked Buffers

View products that this article applies to.
This article was previously published under Q322853
Expand all | Collapse all

SYMPTOMS

This article addresses two issues:

The SQL Server Setup program and SQL Server Enterprise Manager grant unnecessary permissions to the SQL Server service startup account when the account is not a member of the Administrators Users group.

-or-

An unchecked buffer exists in an encryption function. A buffer overrun can occur as a result and can be used to either cause the SQL Server service to fail, or to cause code to run in the security context of the server that is running SQL Server.
Back to the top

RESOLUTION

To resolve this problem, obtain the latest service pack for Microsoft SQL Server 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
290211  (http://support.microsoft.com/kb/290211/EN-US/ ) INF: How To Obtain the Latest SQL Server 2000 Service Pack
NOTE: The following fix was created before the release of Microsoft SQL Server 2000 Service Pack 3.

To download the fix for these issues, see the following article in the Microsoft Knowledge Base:
316333  (http://support.microsoft.com/kb/316333/EN-US/ ) INF: SQL Server 2000 Security Update for Service Pack 2
The downloadable file contains a stand-alone utility named Servpriv.exe. You can use Servpriv.exe to correct the permission problems for the service registry keys. The Readme.txt file in the package has instructions for applying the fixes and for running Servpriv.exe.

How to Use Servpriv.exe

To use Servpriv.exe, type the following text on the command line, and then press ENTER: 
Servpriv.exe instance_name
The instance_name parameter is the name of the SQL Server instance that you want to patch. If you want to patch the default instance, specify MSSQLSERVER (case does not matter); otherwise, specify the name of the SQL Server instance. This utility is designed to only patch SQL Server 2000 installations that are running SQL Server 2000 Service Pack 2, or later. If you are not running SQL Server 2000 Service Pack 2, you must upgrade to SQL Server 2000 Service Pack 2 before you use Servpriv.exe.

Examples:

Default instance = Servpriv.exe MSSQLServer
Named instance = Servpriv.exe INST1 where the instance typically connected to is SERVER_NAME\INST1
For more information about how to use Servpriv.exe, read the Readme.txt file that is included with the download file.
Back to the top

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.
This problem was first corrected in Microsoft SQL Server 2000 Service Pack 3.
Back to the top
APPLIES TO
  • Microsoft SQL Server 2000 Standard Edition
Back to the top
Keywords: 
kbsqlserv2000sp3fix kbbug kbfix kbsqlserv2000presp3fix KB322853
Back to the top
 

Get Help Now

Contact a support professional by E-mail, Online, or Phone

Article Translations

 

Related Support Centers