graphical stats of new SQL worm

From: Mark J. Lastdrager (mark.lastdrager@pine.nl)
Date: 01/25/03

  • Next message: Víctor: "Re: strange attacks - flood udp packets from 1030 to msql"
    Date: Sat, 25 Jan 2003 16:47:11 +0100
    From: "Mark J. Lastdrager" <mark.lastdrager@pine.nl>
    To: incidents@securityfocus.com
    
    

    Hi,

    Since approx. 15:00 GMT, we are generating statistics of the new SQL
    worm on a /19 (8192 "target" IP numbers). At this moment we see about
    800 hits/minute of this worm. You can find the graph at
    http://www.security.nl/misc/sqlworm/hits.png

    Let's see how long this thing will stay alive..

    Mark Lastdrager

    -- 
    Vice President Operations :: Pine Digital Security :: tel. +31-70-3111010
    PGP id 0xFF0EA728 fpr 57D2 CD16 5908 A8F0 9F33 AAA3 AFA0 24EF FF0E A728
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
    


    Relevant Pages

    • RE: SQL Sapphire Worm Analysis
      ... For the latest version and information on our sql worm analysis goto: ... | the way SQL improperly handles data sent to its Microsoft SQL ... | service pack for SQL that includes a fix for this ...
      (Bugtraq)
    • [VulnWatch] eEye - SQL Sapphire Worm Analysis
      ... SQL Sapphire Worm Analysis ... Microsoft SQL Server 2000 pre SP 2 ... the way SQL improperly handles data sent to its Microsoft SQL Monitor port. ...
      (VulnWatch)
    • SQL Sapphire Worm Analysis
      ... SQL Sapphire Worm Analysis ... Microsoft SQL Server 2000 pre SP 2 ... The worm is spreading using a buffer overflow to exploit a flaw in Microsoft ...
      (NT-Bugtraq)
    • SQL Sapphire Worm Analysis
      ... SQL Sapphire Worm Analysis ... Microsoft SQL Server 2000 pre SP 2 ... The worm is spreading using a buffer overflow to exploit a flaw in Microsoft ...
      (Bugtraq)
    • SQL Sapphire Worm Analysis
      ... SQL Sapphire Worm Analysis ... Microsoft SQL Server 2000 pre SP 2 ... The worm is spreading using a buffer overflow to exploit a flaw in Microsoft ...
      (Focus-Microsoft)