| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <LBEILANIKOFAOEBJKBKEIEPGCPAA.marc@eeye.com> From: marc at eeye.com (Marc Maiffret) Subject: A few quick questions about the SQL Sapphire Worm 1. Its not even bad enough that people are not firewalling... they are not patching. 2. Yes there are proof of concept exploits out there for the vulnerability that Sapphire uses. One of those was by lion@...onker.net. You can check it out on: http://www.cnhonker.net/index.php http://www.cnhonker.net/Files/show.php?id=167 Signed, Marc Maiffret Chief Hacking Officer eEye Digital Security T.949.349.9062 F.949.349.9538 http://eEye.com/Retina - Network Security Scanner http://eEye.com/Iris - Network Traffic Analyzer http://eEye.com/SecureIIS - Stop known and unknown IIS vulnerabilities | -----Original Message----- | From: full-disclosure-admin@...ts.netsys.com | [mailto:full-disclosure-admin@...ts.netsys.com]On Behalf Of Richard M. | Smith | Sent: Saturday, January 25, 2003 8:51 AM | To: 'Full-Disclosure'; 'Richard M. Smith' | Subject: [Full-Disclosure] A few quick questions about the SQL Sapphire | Worm | | | Hi, | | I have a few quick questions about this new SQL Sapphire worm: | | 1. The worm spreads via UDP port 1434. Shouldn't | all firewalls already be blocking this port? | | 2. Did anyone ever publish sample exploit code for the | MS02-039 security hole that the Sapphire worm uses? | If so, what's the URL for the sample code? | | Thanks, | Richard M. Smith | http://www.ComputerBytesMan.com | | _______________________________________________ | Full-Disclosure - We believe in it. | Charter: http://lists.netsys.com/full-disclosure-charter.html |
Powered by blists - more mailing lists