Trend Micro Security

Microsoft SQL Server 'sa' Login With 'Null' Password Vulnerability

  危険度: : 緊急
  CVE識別番号: CVE-2000-1209

  概要

The "sa" account is installed with a default null password on (1) Microsoft SQL Server 2000, (2) SQL Server 7.0, and (3) Data Engine (MSDE) 1.0, which allows remote attackers to gain privileges, as exploited by worms such as Voyager Alpha Force and Spida.

  トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

  対応方法

  Trend Micro Deep Security DPI Rule Number: 1000608

  影響を受けるソフトウェア

  • Microsoft MSDE 1.0
  • Microsoft SQL Server Desktop Engine 2000