Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Threats » W32/SQLSlammer.A

Overview

Threat Risk LOW LOW
Destructivity NONE NONE
Payload
Detection files published
Description created 25 Jan 2003 05:59:00
Description updated 25 Jan 2003 06:24:00
Malware type WORM
Alias Sapphire
Spreading mechanism OTHER
Summary None

W32/SQLSlammer.A

Spreading

The worm connects on port 1434 to random machines. If these machines are running Microsoft SQL Server 2000, there is a possibility that the worm will gain access to the machine and can spread from this.

Payload Details

n/a

Analysis

n/a

Removal

The worm exists only in memory and is only 376 bytes long. We advice all users using MS SQL server to patch up their systems in order to protect themselves against this worm. The patch is available from http://www.microsoft.com/technet/security/bulletin/MS02-039.asp If you do believe yourself to be infected: Reboot the system Turn off the SQL server software Apply patch You may start the SQL server again


Last Updated: 12 Nov 2015 11:06:11