Slapper/Sapphire Vulnerable non-Microsoft products

[Chris Wysopal <weld () vulnwatch org>]

I haven't seen any bulletins from the following vendors whose products
contain vulnerable versions of MS SQL Server 2000 or MSDE 2000.  I have
collected these products from the NIPC bulletin and discussion lists.

Compaq Insight Manager
Crystal Reports Enterprise
Dell OpenManage
HP Openview Internet Services Monitor
McAfee Centralized Virus Admin
McAfee Epolicy Orchestrator
Trend Micro Damage Cleanup Server
Websense Reporter
Veritas Backup Exec
WebBoard Conferencing Server
ISS RealSecure 7.0
ISS Internet Scanner

There are likely many more.

A list of Microsoft products that contain MSDE 2000:
http://www.microsoft.com/technet/security/MSDEapps.asp


-Chris