New Worm Targets Microsoft SQL Servers
A new Internet worm that targets poorly secured systems running Microsoft's SQL Server software is on the loose but unlikely to spread widely, security experts reported today. The worm, which has not yet been named, appears to target Microsoft SQL servers which have no password on the system administrator account, according to a preliminary analysis of the code by participants on Incidents, a mailing list for tracking computer intrusions.
When it finds a vulnerable system, the worm appears to install two Trojan horse programs that may be used by the worm's creator to control the server.
The Incidents list discussion of the SQL worm is at http://archives.neohapsis.com/archives/incidents/2001-11/0102.html.