[GTER] Fw: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!
Adler Victor Teixeira
adler at vsnet.com.br
Sun Jan 26 12:24:00 -02 2003
Title: Elevation of Privilege in SQL Server Web Tasks (Q316333)
Released: October 16, 2002
Revised: January 26, 2003 (version 2.0)
Software: Microsoft(r) SQL Server(tm) 7.0, SQL Server 2000,
Microsoft Data Engine (MSDE) 1.0, and Microsoft Desktop
Engine (MSDE) 2000.
Impact: Elevation of Privileges
Max Risk: Critical
Bulletin: MS02-061
----- Original Message -----
From: Luiz Eduardo (Doc)
To: provedores-brasil at yahoogrupos.com.br ;
networking-brasil at yahoogrupos.com.br ; gter at eng.registro.br
Sent: Saturday, January 25, 2003 8:36 AM
Subject: [GTER] Fw: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!
Como vcs jah devem ter percebido...
---
doc at n3tworkz.com
----- Original Message -----
From: "Michael Bacarella" <mbac at netgraft.com>
Sent: Friday, January 24, 2003 11:11 PM
Subject: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!
: I'm getting massive packet loss to various points on the globe.
: I am seeing a lot of these in my tcpdump output on each
: host.
:
: 02:06:31.017088 150.140.142.17.3047 > 24.193.37.212.ms-sql-m: udp 376
: 02:06:31.017244 24.193.37.212 > 150.140.142.17: icmp: 24.193.37.212 udp
port ms-sql-m unreachable [tos 0xc0
:
: It looks like there's a worm affecting MS SQL Server which is
: pingflooding addresses at some random sequence.
:
: All admins with access to routers should block port 1434 (ms-sql-m)!
:
: Everyone running MS SQL Server shut it the hell down or make
: sure it can't access the internet proper!
:
: I make no guarantees that this information is correct, test it
: out for yourself!
:
: --
: Michael Bacarella 24/7 phone: 646 641-8662
: Netgraft Corporation http://netgraft.com/
: "unique technologies to empower your business"
:
: Finger email address for public key. Key fingerprint:
: C40C CB1E D2F6 7628 6308 F554 7A68 A5CF 0BD8 C055
:
--
GTER list http://eng.registro.br/mailman/listinfo/gter
More information about the gter
mailing list