saw this one today. sorry for the formatting or lack thereof. Hey Cthulu, this help with your problems?
> *MSDE MAY MAKE PRODUCTS VULNERABLE TO SLAMMER > By Shawna McAlearney > Several factors contributed to the success of the Slammer worm; the most > noteworthy is that many victims don't know that products other than > Microsoft's contain the vulnerable version of Microsoft SQL Desktop Engine > (MSDE). > > "There has been a lot of confusion as to what exactly was vulnerable to > the exploit used by the worm--even among those who have the responsibility > of coordinating that information," says Jose Nazario, a system > verification architect for Arbor Networks, a DDoS mitigation company. "It > took CERT, which is presumably working closely with the vendor, a full two > days to identify and publicize that MSDE is vulnerable." > > Russ Cooper, editor of NTBugtraq and surgeon general of TruSecure, says > Microsoft needs to develop a stronger MSDE community with independent > software vendors and keep track of the use of MSDE as a redistributable > component. (TruSecure publishes Security Wire Digest.) > > NTBugtraq and the SQL Security Forum have produced a list of more than 100 > potentially affected products. Those include: Compaq's Insight Manager, > several Hewlett-Packard and Cisco Systems' products, Crystal Reports > Enterprise 8.5, McAfee's ePolicy Orchestrator, Elron's IM Web Inspector > Internet Filtering Software, ISS's System Scanner and RealSecure, > SalesLogix and many others. > > Other contributing factors for the worm's spread include the failure of > sysadmins to apply either the six-month-old patch or SQL Service Pack 3, > the complexity of systems and networks and that it targeted a > vulnerability in a widely used component. > > "The average corporation will find that at least 25 percent of its > machines have applications listening on UDP port 1434 (the port exploited > by Slammer)," says Cooper. "That number could be much higher depending > upon what kind of business the company is in." > > Though the worm seems to be tapering off, it could gain momentum again if > ISPs stop filtering for it, say experts. > http://www.sqlsecurity.com/forum/applicationslistgridall.aspx > -- TANSTAAFL "there ain't no such thing as a free lunch" Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=62190&t=62190 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]