Microsoft SQL Server 'sa' Login With 'Null' Password Vulnerability
Publish Date: 05 ottobre 2016
Gravità: : Critico
Identificatori CVE: CVE-2000-1209
Descrizione
The "sa" account is installed with a default null password on (1) Microsoft SQL Server 2000, (2) SQL Server 7.0, and (3) Data Engine (MSDE) 1.0, which allows remote attackers to gain privileges, as exploited by worms such as Voyager Alpha Force and Spida.
Informazioni esposizione:
Apply associated Trend Micro DPI Rules.
Soluzioni
Trend Micro Deep Security DPI Rule Number: 1000608
Trend Micro Deep Security DPI Rule Name: 1000902 - Microsoft SQL Server 'sa' Login With 'Null' Password Vulnerability
Software e versione interessati:
- Compaq Insight Manager 7.0
- Compaq Insight Manager 7.0 SP1
- Compaq Insight Manager XE 1.1
- Compaq Insight Manager XE 1.21
- Compaq Insight Manager XE 2.1
- Compaq Insight Manager XE 2.1 b
- Compaq Insight Manager XE 2.1 c
- Compaq Insight Manager XE 2.2
- Microsoft MSDE 1.0
- Microsoft SQL Server Desktop Engine 2000