Microsoft SQL Server 'sa' Login With 'Null' Password Vulnerability
Publish date: 05 de octubre de 2016
Gravedad: Crítico
Identificadores de CVE : CVE-2000-1209
Descripción
The "sa" account is installed with a default null password on (1) Microsoft SQL Server 2000, (2) SQL Server 7.0, and (3) Data Engine (MSDE) 1.0, which allows remote attackers to gain privileges, as exploited by worms such as Voyager Alpha Force and Spida.
Revelación de la información
Apply associated Trend Micro DPI Rules.
Soluciones
Trend Micro Deep Security DPI Rule Number: 1000608
Software y versión afectados
- Microsoft MSDE 1.0
- Microsoft SQL Server Desktop Engine 2000