“Snagging Security Tokens to Elevate Privileges” is a brief that details how a database server running as a low-privileged user on Windows can still provide an attacker with the ability to gain elevated privileges on the network, and suggests a change in security policy to mitigate the risk. As a side note, this affects all network servers that offer OS-based authentication – not just database servers.
You can download it from the following link: https://packetstormsecurity.com/files/download/41702/db-sec-tokens.pdf
Source: https://packetstormsecurity.com/files/41702/db-sec-tokens.pdf.html

