Nmap Development mailing list archives
[PATCH] Update to service-probes for Microsoft SQL 2000/2005/2008
From: Tom Sellers <nmap () fadedcode net>
Date: Thu, 19 Feb 2009 18:45:01 -0600
The attached patch does two things: 1. Adds 4 additional match lines for updated versions of Microsoft SQL Server, 2 for SQL 2000 and 2 for SQL 2005. 2. Changes the generic Microsoft SQL server major version (2000, 2005, and 2008) match lines to softmatches. The goal with this is to generate signatures for submissions while still identifying the product. The result is that this section has matchlines for specific version numbers, softmatches for product major version, and a fallback softmatch for Microsoft SQL in general. By the way, and to serve as a reminder to me in the future ;) , the version number detected by a successful hit on the matchline against TCP port 1433 will be more accurate than the results of the NSE script against the SQL monitor port on UDP 1434. The reason for this is that, it seems, Microsoft only updates the number provided on 1434 during major Service Packs, and not during patches. Currently, with the new matchlines you can actually tell if the software is missing the MS08-040 or MS09-004 security patches. Tom
Attachment:
mssql_matchline_patch.txt
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- [PATCH] Update to service-probes for Microsoft SQL 2000/2005/2008 Tom Sellers (Feb 19)