Do you have a dnsservices.exe or win32mon.exe process running ? If so, you're probably infected ... grtz, Arthur ----- Original Message ----- From: "Matthias Merkel" <securityfocus@merkel-productions.de> To: <incidentsat_private> Sent: Friday, November 23, 2001 3:24 AM Subject: Need Urgent Info about SQL Worm > Mailer: SecurityFocus > > Hi, > I was shure that my sa password was not blank, > but I found out that I could have been a target for > the "Extended Stored Procedure Parameter Parsing" > vulnerability. > > Can someone tell me how I can find out if I've been > infected?? > > > Thanks in advance, > Matthias > p.s.: WinNT4 SP6a. MSSQL7 > > -------------------------------------------------------------------------- -- > This list is provided by the SecurityFocus ARIS analyzer service. > For more information on this free incident handling, management > and tracking system please see: http://aris.securityfocus.com > ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Nov 23 2001 - 08:50:57 PST