Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: SQL Sapphire Worm Analysis

From: "Micheal Patterson" <micheal () cancercare net>
Date: Mon, 27 Jan 2003 11:56:04 -0600
I can attest to the fact that an unpatched 2000 MSDE is very much
vulnerable. I've had 3 reports of networks down this weekend because of end
user installations of MSDE that were not patched.

--

Micheal Patterson
Network Administration
Cancer Care Network


----- Original Message -----
From: "terry white" <twhite () aniota com>
To: "Marc Maiffret" <marc () eeye com>
Cc: "Incidents" <incidents () securityfocus com>
Sent: Sunday, January 26, 2003 11:00 PM
Subject: Re: SQL Sapphire Worm Analysis



on "1-25-2003" "Marc Maiffret" writ:

: SQL Sapphire Worm Analysis
:
: Systems Affected:
: Microsoft SQL Server 2000 pre SP 2

... it seems to me, i've read that the M$ 'desktop engine' a.k.a. "DE" is
vulnerable to this exploit in some way.  in fact, it seems like the DE
was affected where MS-SQL not running ...


--
... i'm a man, but i can change,
    if i have to , i guess ...


--------------------------------------------------------------------------

--

This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com





----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com
Previous By Date Next
Previous By Thread Next

Current thread: