Home > Archive > MS SQL Server Security Tools > November 2005 > SQLping









You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

 

Author SQLping
fridmada

2005-11-24, 11:23 am

Hello all,

How can be patched vulnerability desribed below and implemented in SQLping:

//When a SQL Server 2000 client wishes to connect to a server it
// first attempts a pre-connection query against UDP 1434 (unregistered
listener
// service on any SQL Server 2000 server). Upon seeing the handshake (packet
//payload 0x02), the SQL Server
// replies with details about all named instances installed on the server
including
// instance name, version, clustering info, net-libs, and net-lib details
(ports, pipe
// names, etc.).

Thnaks,
Sponsored Links





Also available: Server administration forum archive | Web Design forum archive | Software forum archive | Hardware reviews archive | Programming forum archive

Copyright 2008 droptable.com