Nmap Development mailing list archives

RE: ms-sql-info script bug


From: "Rob Nicholls" <robert () robnicholls co uk>
Date: Fri, 24 Jun 2011 20:06:45 +0100

I'm afraid it's not really a bug with the script. Even if SQL Server 2000
has been patched using the latest service packs and hot fixes, the version
returned by the SQL Server Resolution Service remains at the base version
8.00.194 and therefore cannot be trusted. I think that's why it says
"UNVERIFIED" in the output.

Rob

-----Original Message-----
From: nmap-dev-bounces () insecure org [mailto:nmap-dev-bounces () insecure org]
On Behalf Of Ryan Giobbi
Sent: 24 June 2011 19:45
To: nmap-dev () insecure org
Subject: ms-sql-info script bug

Bug in ms-sql-info script. TCP and UDP ports show different SQL server
information. The 8.00.2039 version is probably correct.


1433/tcp open  ms-sql-s Microsoft SQL Server 2000 8.00.2039; SP4
1434/udp open  ms-sql-m Microsoft SQL Server 8.00.194 (ServerName:
<host> ; TCPPort: 1433)


nmap -sU -p1434 --script ms-sql-info -sV <IP>

Nmap scan report for <IP>
Host is up (0.00s latency).
PORT     STATE SERVICE  VERSION
1434/udp open  ms-sql-m Microsoft SQL Server 8.00.194 (ServerName: <host>
; TCPPort: 1433)
| ms-sql-info:
|   Instance: MSSQLSERVER
|     Microsoft SQL Server 2000
|       Server version: 8.00.194 - UNVERIFIED
|       Named pipe: \\<host>\pipe\sql\query
|       Clustered: No
|       Server name: <host>
|_      Tcp port: 1433
Service Info: OS: Windows




nmap  -sT -p 1433 <IP> --script ms-sql-info -sV

Nmap scan report for <IP>
Host is up (0.0011s latency).
PORT     STATE SERVICE  VERSION
1433/tcp open  ms-sql-s Microsoft SQL Server 2000 8.00.2039; SP4
Service Info: OS: Windows
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
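
The behaviour discussed in this thread, as an added example that is not part of the original messages and is not Nmap's own code: a parser for the UDP 1434 resolution-service reply (the SVR_RESP layout from Microsoft's MC-SQLR specification) that treats the browser-reported version as unverified unless a version obtained from the TCP port is supplied. The host name `HOSTA`, the sample datagram and the function names are constructed for illustration.

```python
import struct

# Constructed sample reply; only the version and port values come from the thread.
SAMPLE_TEXT = (b"ServerName;HOSTA;InstanceName;MSSQLSERVER;IsClustered;No;"
               b"Version;8.00.194;tcp;1433;np;\\\\HOSTA\\pipe\\sql\\query;;")
SAMPLE = b"\x05" + struct.pack("<H", len(SAMPLE_TEXT)) + SAMPLE_TEXT


def parse_ssrp_response(payload):
    """Parse an SVR_RESP datagram: 0x05, uint16 little-endian size, then text."""
    if len(payload) < 3 or payload[0] != 0x05:
        raise ValueError("not an SVR_RESP message")
    (size,) = struct.unpack_from("<H", payload, 1)
    data = payload[3:3 + size]
    if len(data) != size:
        raise ValueError("truncated response")
    instances = []
    # Instances are separated by ';;'; each one is a flat key;value;... list.
    for chunk in data.decode("ascii", "replace").split(";;"):
        tokens = chunk.split(";")
        if len(tokens) >= 2:
            instances.append(dict(zip(tokens[0::2], tokens[1::2])))
    return instances


def version_tuple(version):
    """'8.00.2039' -> (8, 0, 2039) so versions compare numerically."""
    return tuple(int(part) for part in version.split("."))


def reconcile(instance, tcp_version=None):
    """Prefer a version read from the TCP port; otherwise flag it unverified."""
    browser = instance.get("Version")
    if tcp_version is None:
        return {"version": browser, "verified": False}
    stale = browser is not None and version_tuple(browser) < version_tuple(tcp_version)
    return {"version": tcp_version, "verified": True, "browser_stale": stale}


if __name__ == "__main__":
    inst = parse_ssrp_response(SAMPLE)[0]
    print(reconcile(inst))               # UDP only: unverified base version
    print(reconcile(inst, "8.00.2039"))  # TCP result overrides the browser value
```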

