May 22, 2002

New worm spreads via Microsoft SQL servers

From Internet Security Systems:
"ISS X-Force has learned of a worm that is spreading via Microsoft SQL
servers. The Spida worm is responsible for large amounts of Internet
traffic as well as millions of TCP/IP probes at the time of this alert's
publication. This worm attempts to locate and login to MS/SQL servers
with the "sa" account and a blank password. Once a vulnerable computer
is found, the worm will infect that target, send its configuration and
password information to an external host, and begin scanning for new
targets."

Category:

  • Security
Click Here!