Re: SQL Sapphire Worm Analysis
From: dr john halewood (john@frumious.unidec.co.uk)
Date: 01/27/03
- Previous message: terry white: "Re: SQL Sapphire Worm Analysis"
- In reply to: terry white: "Re: SQL Sapphire Worm Analysis"
- Next in thread: Micheal Patterson: "Re: SQL Sapphire Worm Analysis"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: dr john halewood <john@frumious.unidec.co.uk> To: incidents@securityfocus.com Date: Mon, 27 Jan 2003 17:52:07 +0000
On Monday 27 January 2003 5:00 am, terry white wrote:
> ... it seems to me, i've read that the M$ 'desktop engine' a.k.a. "DE" is
> vulnerable to this exploit in some way. in fact, it seems like the DE
> was affected where MS-SQL not running ...
MSDE is not only affected, but is, in a number of cases, installed when
another MS (or third party) piece of software is installed. This includes
things like Visual Studio .NET, Lyris Listserver and Visio (dunno why that
thinks it needs MSDE but never mind). A list of apps that install/require
MSDE is being maintained at www.sqlsecurity.com (although that site is pretty
unresponsive at the moment)
cheers
john
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Next message: Micheal Patterson: "Re: SQL Sapphire Worm Analysis"
- Previous message: terry white: "Re: SQL Sapphire Worm Analysis"
- In reply to: terry white: "Re: SQL Sapphire Worm Analysis"
- Next in thread: Micheal Patterson: "Re: SQL Sapphire Worm Analysis"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
