In case you've not seen this: SQL Security Scanner from MS http://microsoft.com/downloads/details.aspx?FamilyId=9552D43B-04EB-4AF9-9E24-6CDE4D933600&displaylang=en SQL Server 2000 Security Tools SQL Server 2000 security tools are used to scan instances of SQL Server and detect security vulnerabilities, and then apply updates to the affected files. Quick Info Download Size: 5 KB - 11352 KB Date Published: 1/30/2003 Version: 8.00.0194 Overview SQL Scan: Originally released: January 29, 2003 NOTE: This tool is under continuing development. Future versions will be released in the very near future. The next version will contain functionality to differentiate MSDE instances. SQL Scan (Sqlscan.exe) scans an individual computer, a Windows domain, or a range of IP addresses for instances of SQL Server 2000 and MSDE 2000, and identifies instances that may be vulnerable to the Slammer worm. SQL Scan runs on computers running Windows 2000 or higher and can identify instances running on Windows NT 4.0, Windows 2000, or Windows XP. Instances of SQL Server 2000 with Service Pack 2 (SP2) and security patch MS02-039, MS02- 043, MS02-056, or MS02-061, or instances with SP3 or later, are not vulnerable. Computers running SQL Server 7.0 and earlier are not vulnerable. SQL Scan does not locate instances of SQL Server that are running on Windows 98 or Windows ME. SQL Scan does not detect instances of SQL Server that were started from the command prompt. NOTE: Shutdown of an infected SQL Server instance may not complete successfully. You may need to use system management tools to terminate an infected process. [...] __________________________________________ JP Vossen, CISSP Counterpane Internet Security: Integration Manager jpat_private PGP: 4A66 F380 061B ED7E 2D5B 68B0 48C7 9B0E C1ED E7FA Work: 610-409-2765 Cell: 610-812-0930 (TZ: -0500 [EST5EDT]) > -----Original Message----- > From: Tina Bird [mailto:tbird@precision-guesswork.com] > Sent: Monday, January 27, 2003 11:12 PM > To: incidentsat_private; intrusionsat_private; > Ced Bennett; > tmdat_private; David Hoffman; eric.nakagawaat_private; > mnewtonat_private; tsgat_private; tbird65at_private; > list-niat_private > Subject: MSDE contained in... > > > Chalk this all up to "things I wish I didn't know": I've > been amused and > skeptical at the list of applications people have claimed > include MSDE, > that are therefore vulnerable to SQL Slammer. In particular, > I had a hard > time believing that Visio used it. Heck, I've got Visio, and > I'm pretty > sure it doesn't open any network connections. > > So I prowled around the Web, and found this: > http://www.microsoft.com/technet/treeview/default.asp?url=/tec hnet/prodtechnol/visio/Visio2002/maintain/vis_msde.asp MSDE is integrated with these Microsoft applications: Microsoft Visio 2000 Enterprise Edition AutoDiscovery & Layout (AD&L) solution AD&L solution from Microsoft Visio Enterprise Network Tools 2002 Microsoft SharePoint Team Services (a Microsoft FrontPage Server Extensions 2002 companion product) Microsoft Project Central (a Microsoft Project 2000 companion product) Microsoft Application Center The following products ship MSDE on their product CD and can use MSDE as a database: Microsoft Access Microsoft Office 2000 Microsoft Visual Studio 6.0 --> Bleh. I stand corrected. tbird -- I, on the other hand, do not work. I enjoy the slothful life of an artist, and while away the hours in meaningless aesthetic pursuits punctuated by bouts of hedonistic debauchery and an occasional nap. -- David Rinehart http://www.shmoo.com/~tbird Log Analysis http://www.loganalysis.org VPN http://vpn.shmoo.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Jan 31 2003 - 12:21:17 PST