Internet Security systems Security Alert
January 25, 2003
Microsoft SQL Slammer Worm Propagation
Synopsis:
ISS X-Force has learned of a worm that is spreading via Microsoft SQL
servers. The worm is responsible for large amounts of Internet traffic as
well as millions of UDP/IP probes at the time of this alert's publication.
This worm attempts to exploit MS/SQL servers vulnerable to the SQL Server
Resolution service buffer overflow (CVE CAN-2002-0649). Once a vulnerable
computer is compromised, the worm will infect that target, randomly select a
new target, and resend the exploit and propagation code to that host.
ISS X-Force recommends blocking UDP port 1433 and 1434 traffic to protect SQL Server databases with a firewall or packet filter.
more info:
===============
Security Forums
January 25, 2003
Microsoft SQL Slammer Worm Propagation
Synopsis:
ISS X-Force has learned of a worm that is spreading via Microsoft SQL
servers. The worm is responsible for large amounts of Internet traffic as
well as millions of UDP/IP probes at the time of this alert's publication.
This worm attempts to exploit MS/SQL servers vulnerable to the SQL Server
Resolution service buffer overflow (CVE CAN-2002-0649). Once a vulnerable
computer is compromised, the worm will infect that target, randomly select a
new target, and resend the exploit and propagation code to that host.
ISS X-Force recommends blocking UDP port 1433 and 1434 traffic to protect SQL Server databases with a firewall or packet filter.
more info:
===============
Security Forums