RE: Strange scan on 1433
From: Deus, Attonbitus (Thor@HammerofGod.com)Date: 05/21/02
- Previous message: Tom Pope: "RE: Increased connects to Port 1433"
- In reply to: David LaPorte: "RE: Strange scan on 1433"
- Next in thread: Blake Frantz: "RE: Strange scan on 1433"
- Next in thread: Ken Pfeil: "RE: Strange scan on 1433"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 21 May 2002 10:01:48 -0700 To: <david_laporte@harvard.edu>, "Pavel Lozhkin" <pavel@atrivo.com>, <incidents@securityfocus.com> From: "Deus, Attonbitus" <Thor@HammerofGod.com>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
At 08:23 AM 5/21/2002, David LaPorte wrote:
>They're looking for MS-SQL servers with blank/default sa passwords that are
>missing the MS02-020 patch:
>
>http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
>bulletin/MS02-020.asp
Others have mentioned the MS02-020 bulletin... The BO referenced requires
authenticated access to the box- thus the checks for blank SA. But, of
course, if you have a blank SA, there isn't really much point in worrying
about the overflow.
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1
iQA/AwUBPOp9fIhsmyD15h5gEQJQ0gCgv3ezP4Scr211WsfhlaSZvtFlcogAnjqR
YWWw6fbXaVhN1dF+JA22yQLC
=/hkB
-----END PGP SIGNATURE-----
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Previous message: Tom Pope: "RE: Increased connects to Port 1433"
- In reply to: David LaPorte: "RE: Strange scan on 1433"
- Next in thread: Blake Frantz: "RE: Strange scan on 1433"
- Next in thread: Ken Pfeil: "RE: Strange scan on 1433"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
