Full Disclosure mailing list archives

A few quick questions about the SQL Sapphire Worm

From: "Richard M. Smith" <rms () computerbytesman com>
Date: Sat, 25 Jan 2003 11:51:04 -0500

Hi, 

I have a few quick questions about this new SQL Sapphire worm:

1.  The worm spreads via UDP port 1434.  Shouldn't 
    all firewalls already be blocking this port?

2.  Did anyone ever publish sample exploit code for the 
    MS02-039 security hole that the Sapphire worm uses?
    If so, what's the URL for the sample code?

Thanks,
Richard M. Smith
http://www.ComputerBytesMan.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

SQL Sapphire Worm Analysis Marc Maiffret (Jan 25)
- A few quick questions about the SQL Sapphire Worm Richard M. Smith (Jan 25)
  - RE: A few quick questions about the SQL Sapphire Worm Marc Maiffret (Jan 25)