|
PureBytes Links
Trading Reference Links
|
To unsubscribe from this group, send an email to:
realtraders-unsubscribe@xxxxxxxxxxxxxxx
Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
--- Begin Message ---
To: zaitech.llc@xxxxxxxxxxx
Subject: my-eTrust.com Virus Alert Notification: Win32/SQLSlammer.Worm
From: notifications@xxxxxxxxxxxxx
Date: Mon, 27 Jan 2003 11:06:50 -0600
Reply-to: notifications@xxxxxxxxxxxxx
<IMG height=124 alt="my-eTrust.com News"
src=""
width=114 useMap="" border=0><IMG height=83 alt="my-eTrust.com News"
src=""
width=526 align=top useMap="" border=0>
<SPAN
class=418520301-01102002>Virus Alert
Notification
<SPAN
class=418520301-01102002>
<SPAN
class=315494913-10092001><SPAN
class=418520301-01102002>Win32/SQLSlammer.Worm
<SPAN
class=315494913-10092001><SPAN
class=418520301-01102002>Attention Users of MS SQL Server
2000 <FONT
size=2>
Win32/SQLSlammer.Worm exploits a buffer
overrun security vulnerability in Microsoft SQL Server 2000 and
Microsoft Desktop Engine 2000. The exploit is present in the SSRS
(SQL Server Resolution Service) which uses UDP port 1434.
The worm does not infect files and does not send out
any e-mail. It exists only in the memory of the successfully
exploited system. Therefore, there is no file based anti-virus
signature available to detect this worm.
The worm scans randomly generated IP addresses for vulnerable
systems and sends out numerous UDP packets, which may effectively
cause a denial of service attack on the infected network.
Customers are strongly advised to block UDP port 1434 and apply
the relevant patch from Microsoft.
Microsoft described the exploited vulnerability in Security
Bulletin MS02-039:
Buffer Overruns in SQL Server 2000 Resolution Service Could
Enable Code Execution (Q323875)
To download the patch:
<A
href="">http://www.microsoft.com/Downloads/Release.asp?ReleaseID=40602
If the server is not up to date, the cumulative patch can be
found here:
<A
href="">http://www.microsoft.com/technet/security/bulletin/MS02-061.asp
Installing Service Pack 3 for SQL Server 2000 will also fix the
vulnerability:
<A
href="">http://www.microsoft.com/sql/downloads/2000/sp3.asp
For more information on the relevant SQL Server overflow
vulnerabilities, please check:
<A
href="">http://www.kb.cert.org/vuls/id/399260<A
href="">http://www.kb.cert.org/vuls/id/484891
<P class=MsoNormal
> <FONT face=Verdana
color=#000000 size=2><SPAN
> <FONT
face=Verdana size=2>A<SPAN
class=315494913-10092001>dditional
Information<FONT
face=Verdana size=2><SPAN
> on
viruses, worms, and trojans can be found<SPAN
> in our virus
encyclopedia:<SPAN
>
<SPAN
><A
href=""><FONT
face=Verdana
color=#800080>http://www.my-eTrust.com/products/encyclopedia<FONT
face=Verdana color=#000000> and on our Virus Alerts page: <A
href=""><FONT
face=Verdana
color=#800080>http://www.my-eTrust.com/products/virusalerts<?xml:namespace
prefix = o ns = "urn:schemas-microsoft-com:office:office" />
<FONT
face="Verdana, Arial, Helvetica,
sans-serif"
color=#66cc00 size=2>Feedback? Comments? Suggestions?
You can fill out our online contact forms
at: <FONT
color=#800080>http://www.my-eTrust.com/contact/
<FONT
face=Verdana color=#000000 size=2><SPAN
><FONT
face=Verdana color=#000080 size=2><SPAN
class=315494913-10092001>Note:<FONT
face=Verdana color=navy><SPAN
><SPAN
> This
address should be used only for feedback on this
<FONT
color=#000000><SPAN
>newsletter.<SPAN
> <SPAN
>If you encounter any <SPAN
>problems or you
require assistance, please visit the support area of our
website: <SPAN
><A
href=""><FONT face=Verdana
color=#800080
size=2>http://www.my-eTrust.com/services/
<A
href="" target=_blank><IMG
src=""
border=0> <IMG
src=""
border=0>UnsubscribeYou have received this email
because you chose to receive virus signature update notifications as
a registered user of my-eTrust software. If you would like to change
your personal options, please <A
href=""><FONT
color=#663399>click
here.
<IMG height=42
src=""
width=640 useMap="" border=0>
--- End Message ---
|