RE: lug-bg: now it's really fucked
- Subject: RE: lug-bg: now it's really fucked
- From: bkrosnov@xxxxxxxx (Boyan Krosnov)
- Date: Sun, 26 Jan 2003 17:02:03 +0200
It spreads over UDP destination port 1434 (which I think is used by
MSSQL Monitor).
The source port is the first high port the operating system hands out.
The size of the whole worm, with the headers, the exploit and the
propagation code, is 404 bytes.
MSSQL Monitor runs with the privileges of the System user, and accordingly
the worm runs with the same... as does anyone who gets into the machine
using an exploit against the same service.
There are no additional effects (such as backdoors, etc.) in the worm.
Nothing is written to the machine's hard disk, nor is any data modified.
A reasonably fast machine connected to 100mbps ethernet generates about
40mbps of traffic. While the machine is infected you cannot connect to
it through the SQL monitor, because the worm somehow blocks the service.
It infects only MSSQL 2000 servers that do not have service pack 3
installed (which came out about a month ago) or the specific patch for the
bug from July of last year. As usually happens - a patch has been available
for half a year, but users have not installed it.
Rebooting wipes the worm from memory.
For God's sake, brothers, patch on time.
BR,
Boyan
> -----Original Message-----
> From: raptor [mailto:raptor@xxxxxxxxxx]
> Sent: Sunday, January 26, 2003 6:39 PM
> To: lug-bg@xxxxxxxxxxxxxxxxxx
> Cc: mano@xxxxxxxxxxxxx
> Subject: Re: lug-bg: now it's really fucked
>
>
> On Sun, 26 Jan 2003 16:04:01 +0200
> "Marian Popov" <mano@xxxxxxxxxxxxx> wrote:
>
> |Can you tell me something more about this worm.
> |Is it for Linux or for Windows, or does it not matter and what counts is
> |that you have an SQL server?
>
> ]- Only for MS SQL, that is, only Windows. The other SQL servers are not
> affected...
> ============================================================================
> A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
> http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
> To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
> ============================================================================
>
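
A detection sketch for the traffic pattern described in the message above (UDP destination port 1434, 404 bytes including headers, high send rate), added here as an example and not part of the original thread. The flow-record tuple layout, the thresholds, the sample addresses and the reading of "404 bytes" as the IP total length are assumptions.

```python
from collections import defaultdict

WORM_DPORT = 1434       # UDP destination port named in the message
WORM_IP_LEN = 404       # size with headers per the message (assumed: IP total length)
MIN_DISTINCT_DSTS = 20  # assumed threshold: distinct targets in one window
WINDOW_SECONDS = 1.0    # assumed window length


def find_scanning_hosts(flows, min_dsts=MIN_DISTINCT_DSTS, window=WINDOW_SECONDS):
    """Map each source that fans matching datagrams out to at least
    min_dsts destinations inside one window to its peak fan-out."""
    buckets = defaultdict(set)  # (src, window index) -> destinations seen
    for ts, src, dst, proto, dport, ip_len in flows:
        if proto == "udp" and dport == WORM_DPORT and ip_len == WORM_IP_LEN:
            buckets[(src, int(ts // window))].add(dst)
    peak = defaultdict(int)
    for (src, _), dsts in buckets.items():
        peak[src] = max(peak[src], len(dsts))
    return {src: n for src, n in peak.items() if n >= min_dsts}


def constructed_flows():
    """Constructed records: (ts, src, dst, proto, dport, ip_len)."""
    flows = []
    for i in range(50):
        ts = 10.0 + i * 0.01
        # 10.0.0.5: 404-byte datagrams to 50 different addresses in one second
        flows.append((ts, "10.0.0.5", f"198.51.100.{i + 1}", "udp", 1434, 404))
        # 10.0.0.7: short datagrams on the same port, always to one server
        flows.append((ts, "10.0.0.7", "10.0.0.20", "udp", 1434, 29))
        # 10.0.0.9: same size and fan-out, but a different destination port
        flows.append((ts, "10.0.0.9", f"203.0.113.{i + 1}", "udp", 53, 404))
    # 10.0.0.11: matching datagrams, but only three targets (below threshold)
    for i in range(3):
        flows.append((10.2, "10.0.0.11", f"192.0.2.{i + 1}", "udp", 1434, 404))
    return flows


if __name__ == "__main__":
    for src, fanout in sorted(find_scanning_hosts(constructed_flows()).items()):
        print(f"{src}: {fanout} targets on {WORM_DPORT}/udp, {WORM_IP_LEN}-byte datagrams")
```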