Worm squirming through SQL servers

By Bill Graziano on 21 May 2002 | 17 Comments | Tags: Hot Fixes


A new worm that targets Microsoft SQL servers has begun squirming through the Internet, experts said Tuesday. Called DoubleTap by vulnerability analysis firm SecurityFocus, the worm has already managed to infect 1,600 servers, said Elias Levy, chief technology officer for the San Mateo, Calif., company. Even though SecurityFocus is currently tracking almost 100 infections per hour, the worm's only way to infect a system is if the Microsoft SQL server's system administrator password is left blank, the default. If for some reason you have a blank sa password on a public SQL Server, please change it. Thanks for the link Justin. Updated (5/28/2002): You can download a scanner to check your systems. Follow the link to Worm squirming through SQL servers...

Discuss this article: 17 Comments so far. Print this Article.

If you like this article you can sign up for our weekly newsletter. There's an opt-out link at the bottom of each newsletter so it's easy to unsubscribe at any time.

Email Address:

Related Articles

Microsoft Security Bulletin MS02-061 : Elevation of Privilege in SQL Server Web Tasks (Q316333) (21 October 2002)

New SQL Server Cumulative Security Patch (3 October 2002)

SQL Server 2000 Cumulative Security Update ... Again. (16 August 2002)

Cumulative Patch for SQL Server 2000 (11 July 2002)

New Sql Server Buffer Overrun issue (17 June 2002)

Unchecked Buffer in Extended Stored Procedures (17 April 2002)

SQL Injection White Paper (2 April 2002)

MS: SQL Server Remote Data Source Function Contain Unchecked Buffers (20 February 2002)

Other Recent Forum Posts

List all records from Where IN (1 Reply)

Help with select (join) (0 Replies)

SQL data Realtime to Web Server (0 Replies)

Help with Query (3 Replies)

Does transaction log contain data or commands (1 Reply)

Problem inserting excel data to existing table (1 Reply)

Msg 4104 (30 Replies)

An Sql Select statement w/out using any base table (1 Reply)

Subscribe to SQLTeam.com

Weekly SQL Server newsletter with articles, forum posts, and blog posts via email. Subscribers receive our white paper with performance tips for developers.

SQLTeam.com Articles via RSS

SQLTeam.com Weblog via RSS

- Advertisement -