eEye | Antivirus, Antispyware & Vulnerability Management Solutions - eEye Digital Security Releases Detailed Advisory Depicting the SQL Sapphire Worm

Home > Company > News > 2003 Archives > PR20030127

News

eEye Digital Security Releases Detailed Advisory Depicting the SQL Sapphire Worm

Clients Urged to Scan Their Networks for Vulnerable Machines

(ALISO VIEJO, CA) January 27, 2003 — eEye Digital Security released a detailed advisory January 25th, 2003 to alert its clients and IT administrators worldwide of a rapidly spreading new worm. The worm, labeled the Sapphire Worm by eEye, has been propagating by leveraging a flaw in Microsoft SQL Server 2000 discovered in July, 2002 by Next Generation Security Software Ltd.

The worm begins by targeting servers running versions of Microsoft SQL that have not been properly patched for the vulnerability. Once the worm infects such a server, it continues propagating by generating pseudo-random IP addresses representing other machines for potential infection. The worm payload does not contain any additional malicious content (in the form of backdoors etc.); however, because of the nature of the worm and the speed at which it attempts to re-infect systems, it can potentially create a denial-of-service attack against infected networks.

"Its as if the lessons of Code Red and Nimda have been completely forgotten," said Firas Raouf, COO of eEye Digital Security. "The patch for the Microsoft SQL vulnerability that the Sapphire Worm targets has been available for six months now. Proactive network vulnerability scanning and remediation of SQL servers would have dramatically reduced the spread of this worm."

For further information and a technical description of the advisory please visit:
http://research.eeye.com/html/alerts/AL20030125.html

eEye is offering a free tool that scans network machines and detects if any are vulnerable to the SQL worm, allowing administrators to efficiently protect their networks. The Retina Sapphire SQL Worm Scanner is based off of eEye’s network security scanner Retina®, ranked as the #1 vulnerability assessment product by Network World magazine. While the free tool allows for quick scanning by searching for one vulnerability, Retina detects over one thousand vulnerabilities to provide ongoing, comprehensive security audits for any network.

The free Retina Sapphire SQL Worm Scanner can be found by visiting:
http://research.eeye.com/html/tools/index.html

For more information on Retina Network Security Scanner please visit:
http://www.eeye.com/html/products/retina/index.html

About eEye Digital Security

eEye Digital Security is the global leader in a new class of security solutions: comprehensive vulnerability management and zero-day endpoint security protection. eEye enables secure computing through world-renowned research and innovative technology, supplying the world's largest businesses with an integrated and research-driven vulnerability assessment, intrusion prevention, and client security solution. eEye's research team is consistently the first to identify new threats in the wild and our products leverage that research to deliver the insights and tools necessary to protect our customer's operating environments. For more information, please visit http://www.eeye.com

Primary Press Contact

Victor Cruz
MediaPR
(401) 349-3369 vcruz@mediapr.net

EMEA Press Contact

Ralph Klöwer
INTERFACE Relations
+49 (0) 89-552 688-66 r.kloewer@interface.pr.de

Sitemap·
Feedback·
Privacy