RE: SQL Sapphire Worm Analysis

From: Marc Maiffret (marc@eeye.com)
Date: 01/27/03

  • Next message: terry white: "Re: SQL Sapphire Worm Analysis"
    From: "Marc Maiffret" <marc@eeye.com>
    To: "terry white" <twhite@aniota.com>
    Date: Sun, 26 Jan 2003 22:55:09 -0800
    
    

    Yup this is true... the advisory on our website reflects it. The advisory on
    our site will always have the latest information. Also we released a free
    scanning tool that will detect vulnerable SQL and MSDE systems.You can check
    it on http://www.eeye.com

    Signed,
    Marc Maiffret
    Chief Hacking Officer
    eEye Digital Security
    T.949.349.9062
    F.949.349.9538
    http://eEye.com/Retina - Network Security Scanner
    http://eEye.com/Iris - Network Traffic Analyzer
    http://eEye.com/SecureIIS - Stop known and unknown IIS vulnerabilities

    | -----Original Message-----
    | From: twhite@yossarian.aniota.net [mailto:twhite@yossarian.aniota.net]On
    | Behalf Of terry white
    | Sent: Sunday, January 26, 2003 9:01 PM
    | To: Marc Maiffret
    | Cc: Incidents
    | Subject: Re: SQL Sapphire Worm Analysis
    |
    |
    | on "1-25-2003" "Marc Maiffret" writ:
    |
    | : SQL Sapphire Worm Analysis
    | :
    | : Systems Affected:
    | : Microsoft SQL Server 2000 pre SP 2
    |
    | ... it seems to me, i've read that the M$ 'desktop engine' a.k.a. "DE" is
    | vulnerable to this exploit in some way. in fact, it seems like the DE
    | was affected where MS-SQL not running ...
    |
    |
    | --
    | ... i'm a man, but i can change,
    | if i have to , i guess ...
    |
    |

    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management
    and tracking system please see: http://aris.securityfocus.com