Blind Folded SQL Injection and SQL Server 2005

UPDATE
I double checked that with my favourite database guru Bob Beauchemin, looks good ;)

Everybody knows SQL Injection. What still amazes most of the people at demos is a technique called “Blind Folded SQL Injection” (read more).

With BFSI you start with zero knowledge of the underlying database and get to know the structure (database names, table names, column names…) by querying metadata, e.g.

… union select null, null, catalog_name, null, null from master.information_schema.schemata …

In SQL Server 2000 there is no way to prohibit that.

SQL Server 2005 introduces a new permission called ‘VIEW DEFINITION’ which effectively controls who has access to metadata. Cool!
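
A T-SQL walk-through of hiding metadata from the account a web application connects with, added here as an example and not code from the original post. The database `MetaDemo`, its two tables and the user `webapp` are constructed for the demo.

```sql
-- Constructed names throughout: MetaDemo, dbo.Orders, dbo.Salaries, webapp.
CREATE DATABASE MetaDemo;
GO
USE MetaDemo;
GO
CREATE TABLE dbo.Orders   (id int PRIMARY KEY, item nvarchar(50));
CREATE TABLE dbo.Salaries (id int PRIMARY KEY, amount money);
GO
-- Stand-in for the account the web application connects with.
CREATE USER webapp WITHOUT LOGIN;
GRANT SELECT ON dbo.Orders TO webapp;
GO

-- 1) Baseline: metadata is visible only for objects the principal
--    owns or holds some permission on.
EXECUTE AS USER = 'webapp';
SELECT table_name FROM information_schema.tables;
REVERT;
GO

-- 2) Deny metadata visibility for the whole database. DENY takes
--    precedence over the visibility implied by the SELECT grant.
DENY VIEW DEFINITION TO webapp;
GO

-- 3) Repeat the metadata query as webapp, check the effective
--    permission, then confirm that data access itself is untouched.
EXECUTE AS USER = 'webapp';
SELECT table_name FROM information_schema.tables;
SELECT HAS_PERMS_BY_NAME(DB_NAME(), 'DATABASE', 'VIEW DEFINITION')
       AS can_view_definition;
SELECT id, item FROM dbo.Orders;
REVERT;
GO

-- 4) Audit: which principals hold or are denied VIEW DEFINITION here?
SELECT pr.name, pe.class_desc, pe.permission_name, pe.state_desc
FROM sys.database_permissions AS pe
JOIN sys.database_principals AS pr
  ON pr.principal_id = pe.grantee_principal_id
WHERE pe.permission_name = 'VIEW DEFINITION';
```

Run steps 1 to 3 on a scratch instance and compare the two metadata result sets; the audit query in step 4 can be run as-is in an existing database.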

 
