Security Incidents mailing list archives
Re: Need Urgent Info about SQL Worm
From: "Arthur Donkers" <A.Donkers () reseau nl>
Date: Fri, 23 Nov 2001 17:38:23 +0100
Do you have a dnsservices.exe or win32mon.exe process running ? If so, you're probably infected ... grtz, Arthur ----- Original Message ----- From: "Matthias Merkel" <securityfocus () merkel-productions de> To: <incidents () securityfocus com> Sent: Friday, November 23, 2001 3:24 AM Subject: Need Urgent Info about SQL Worm
Mailer: SecurityFocus Hi, I was shure that my sa password was not blank, but I found out that I could have been a target for the "Extended Stored Procedure Parameter Parsing" vulnerability. Can someone tell me how I can find out if I've been infected?? Thanks in advance, Matthias p.s.: WinNT4 SP6a. MSSQL7 --------------------------------------------------------------------------
--
This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Need Urgent Info about SQL Worm Matthias Merkel (Nov 23)
- Re: Need Urgent Info about SQL Worm Arthur Donkers (Nov 23)