I can attest to the fact that an unpatched 2000 MSDE is very much vulnerable. I've had 3 reports of networks down this weekend because of end user installations of MSDE that were not patched. -- Micheal Patterson Network Administration Cancer Care Network ----- Original Message ----- From: "terry white" <twhiteat_private> To: "Marc Maiffret" <marcat_private> Cc: "Incidents" <incidentsat_private> Sent: Sunday, January 26, 2003 11:00 PM Subject: Re: SQL Sapphire Worm Analysis > on "1-25-2003" "Marc Maiffret" writ: > > : SQL Sapphire Worm Analysis > : > : Systems Affected: > : Microsoft SQL Server 2000 pre SP 2 > > ... it seems to me, i've read that the M$ 'desktop engine' a.k.a. "DE" is > vulnerable to this exploit in some way. in fact, it seems like the DE > was affected where MS-SQL not running ... > > > -- > ... i'm a man, but i can change, > if i have to , i guess ... > > > -------------------------------------------------------------------------- -- > This list is provided by the SecurityFocus ARIS analyzer service. > For more information on this free incident handling, management > and tracking system please see: http://aris.securityfocus.com > > ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Mon Jan 27 2003 - 15:22:26 PST