Re: SQL Spider.
From: Deus, Attonbitus (Thor@HammerofGod.com)Date: 05/21/02
- Previous message: G Man: "IIS 5.0 and Netscape Authentication"
- Maybe in reply to: Marc Fossi: "Re: SQL Spider."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 21 May 2002 13:30:55 -0700 To: Marc Fossi <mfossi@securityfocus.com>, Mark Williams <markw@webce.com> From: "Deus, Attonbitus" <Thor@HammerofGod.com>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
At 11:30 AM 5/21/2002, Marc Fossi wrote:
>It's definitely "in the wild". Take a look at this article:
>http://www.newsbytes.com/news/02/176701.html
>
>If any of you have MS SQL servers with blank SA account passwords, you
>might have a long day ahead of you...
It is interesting that the SANS official refers to logging in as SA/null as
"exploit code."
AD
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1
iQA/AwUBPOquf4hsmyD15h5gEQIxwgCfdqAyNBcvnyt1K0UyUZT/lEcJDaoAoJ7P
LZ95ZkkVkTke5rHB8WMFjars
=p3qG
-----END PGP SIGNATURE-----
- Previous message: G Man: "IIS 5.0 and Netscape Authentication"
- Maybe in reply to: Marc Fossi: "Re: SQL Spider."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
