In-Reply-To: <015601c244d2$fa6f8a30$2500a8c0@HEPHAESTUS> IMHO - This is more a human error driven feature than a high risk vulnerability. Whilst what David says is true - the assumption has been made that a login has access to the "msdb" database by default - this assumption is incorrect. The only way this vulnerability can be exploited is if a DBA (mad of course ;-)) has given access for a login account to the "msdb" database. Brent Glover Database specialist
