10 Years After SQL Slammer

Discussion in 'malware problems & news' started by Malcontent, Jan 25, 2013.

Thread Status:
Not open for further replies.
  1. Malcontent (Registered Member)

    Joined: Dec 30, 2005
    Posts: 451
    Location: Cleveland, Ohio USA

    http://threatpost.com/en_us/blogs/inside-story-sql-slammer-102010

     
  2. siljaline (Former Poster)

    Joined: Jun 29, 2003
    Posts: 6,619
  3. Rmus (Exploit Analyst)

    Joined: Mar 16, 2005
    Posts: 3,943
    Location: California

    Slammer (in January 2003) was a very informative event for those following the computer security scene.

    sans.org published a FAQ about Slammer. I found many of the comments very revealing:

    Malware FAQ: MS-SQL Slammer
    http://www.sans.org/security-resources/malwarefaq/ms-sql-exploit.php

    Regarding patching:

    SQL-Server SLAMMER WORM - McAfee Notification by Lee Fisher, NAI Security
    http://www.myitforum.com/forums/SQLSLAMMER-WORM-HIGH-RISK-TO-UNPATCHED-SQLSERVER-2000-m21339.aspx
    January 25, 2003
    EDIT: the above link no longer works. Here is the MS Bulletin from 2002:

    FIX: MS02-039: Buffer Overruns in SQL Server 2000 Resolution Service Might Enable Code Execution
    From July, 2002
    http://support.microsoft.com/kb/323875

    Also:

    Microsoft Security Bulletin MS02-061
    Elevation of Privilege in SQL Server Web Tasks (Q316333)
    October 16, 2002
    http://technet.microsoft.com/en-us/security/bulletin/ms02-061

    The article Malcontent cites has this statement:

    Well, many people didn't change their ways about advisories.

    Remember the Conficker worm 5 years later?

    An Analysis of Conficker's Logic
    http://mtc.sri.com/Conficker/

    ----
    rich
     