Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2004-01-12 InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Windows 98 support extended. Reports of SQL Slammer, Solaris TTYPROMPT compromises

Published: 2004-01-12
Last Updated: 2004-01-12 20:51:23 UTC
by Joshua Wright (Version: 1)
0 comment(s)
Windows 98 Support Extended

The ZD Net news service is reporting that Microsoft has announced a reprieve for the discontinuance of support for Windows 98. Organizations should use this extra time to plan a migration path away from Windows 98 in order to continue receiving security updates and patches in the future.


SQL Slammer Activity

One organization reported a recent increase in the number of SQL Slammer infections. Just a reminder that SQL Slammer is still a very real threat if you are running unpatched versions of MS SQL Server 2000 or the Microsoft Desktop Engine (MSDE). Microsoft patches MS02-039 and MS02-061 are needed to resolve the vulnerability exploited by SQL Slammer. Organizations should consider maintaining filters on routers and firewalls for UDP/1434 to stop SQL Slammer activity from entering and leaving your network.


Solaris TTYPROMPT Exploits in use

At least one organization has reported Solaris 8 systems being exploited with the Solaris TTYPROMPT vulnerability. This vulnerability affects the Solaris telnet service and permits a remote attacker to gain access to privileged user accounts. SunSolve patch 110668-03 is needed to fix this vulnerability on Solaris 8. This vulnerability was announced on the BUGTRAQ mailing list on 18-JAN-2002.


-Joshua Wright
0 comment(s)
Diary Archives