RE: SQL Sapphire Worm Analysis

From: Marc Maiffret (marc@eeye.com)
Date: 01/27/03

  • Next message: terry white: "Re: SQL Sapphire Worm Analysis" 
    From: "Marc Maiffret" <marc@eeye.com>
To: "terry white" <twhite@aniota.com>
Date: Sun, 26 Jan 2003 22:55:09 -0800

    Yup this is true... the advisory on our website reflects it. The advisory on
    our site will always have the latest information. Also we released a free
    scanning tool that will detect vulnerable SQL and MSDE systems.You can check
    it on http://www.eeye.com

    Signed,
    Marc Maiffret
    Chief Hacking Officer
    eEye Digital Security
    T.949.349.9062
    F.949.349.9538
    http://eEye.com/Retina - Network Security Scanner
    http://eEye.com/Iris - Network Traffic Analyzer
    http://eEye.com/SecureIIS - Stop known and unknown IIS vulnerabilities

    | -----Original Message-----
    | From: twhite@yossarian.aniota.net [mailto:twhite@yossarian.aniota.net]On
    | Behalf Of terry white
    | Sent: Sunday, January 26, 2003 9:01 PM
    | To: Marc Maiffret
    | Cc: Incidents
    | Subject: Re: SQL Sapphire Worm Analysis
    |
    |
    | on "1-25-2003" "Marc Maiffret" writ:
    |
    | : SQL Sapphire Worm Analysis
    | :
    | : Systems Affected:
    | : Microsoft SQL Server 2000 pre SP 2
    |
    | ... it seems to me, i've read that the M$ 'desktop engine' a.k.a. "DE" is
    | vulnerable to this exploit in some way. in fact, it seems like the DE
    | was affected where MS-SQL not running ...
    |
    |
    | --
    | ... i'm a man, but i can change,
    | if i have to , i guess ...
    |
    |

    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management
    and tracking system please see: http://aris.securityfocus.com

    Relevant Pages

    • [NEWS] Vulnerability Issues in Implementations of the H.323 Protocol (Generic)
      ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Get your security news from a reliable source. ... discovered a number of implementation specific vulnerabilities in the ... The severity of these vulnerabilities varies by vendor. ...
      (Securiteam)
    • [NEWS] Openfire Multiple Vulnerabilities
      ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Openfire Multiple Vulnerabilities ...
      (Securiteam)
    • Re: SECUNIA warning:[SA16041] Kerberos V5 Multiple Vulnerabilities
      ... the Kerberos v5 specification, done by Microsoft. ... Kerberos V5 Multiple Vulnerabilities ... > Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- ... > SECUNIA ADVISORY ID: ...
      (microsoft.public.security)
    • RE: php pack() security update
      ... I'm waiting for redhat to release updates for php on as3. ... SECUNIA ADVISORY ID: ... Multiple vulnerabilities have been reported in PHP, ... Successful exploitation requires that PHP runs on a multi-threaded ...
      (RedHat)
    • Simple PHP Blog Multiple Vulnerabilities
      ... Secure Network - Security Research Advisory ... Simple PHP Blog is a blogging application that was written with simplicity of installation and maintenance in mind. ... Multiple vulnerabilities have been reported in the latest version of this web application; probably all previous versions are affected to the same issues. ...
      (Bugtraq)