DATE:  
COMMAND                                            SOURCE: 
                                                   AUTHOR: 
  MS Access

SYSTEMS AFFECTED

  Win NT 3.5, 3.51, 4.0
  Access 1.0/2.0

PROBLEM


    This vulnerability was originally presented on:

        www.ntshop.com/security

    and this text is their credit.

    A User  SID can  be read  from a  v1.0 database  and pasted over a
    SID in the  MSysAccounts table in  the SystemDB, allowing  someone
    to access a database as a different user.

    This  affects  MS  Access  v2.0  and  v1.0 when a v1.0 database is
    opened.



EXPLOIT

  

SOLUTION


    Upgrde your  software and  look for  any fix  or SP.   MS have not
    come across a way of preventing this type of attack, however  they
    do, it will be posted to KB immediately.