Skip navigation
Menu
Data Analytics and Data Management>SQL

Worm Targets Blank SA Passwords

A warning to shops that still, despite numerous warnings, have a blank SQL Server system administrator (sa) password: Microsoft says that a worm code-named Voyager Alpha Force, which takes advantage of blank sa passwords, is making its way around the Internet. According to the Microsoft article "PRB: Unsecured SQL Server with Blank (NULL) SA Password Leaves Vulnerability to a Worm," the worm looks for a server that's running SQL Server by scanning for port 1433, the SQL Server default port. If the worm finds a server, it tries to log in to the default instance of that SQL Server with a blank (NULL) sa password. If the login is successful, the worm broadcasts the address of the unprotected SQL Server on an Internet Relay Chat (IRC) channel, then tries to load and run an executable file from an FTP site in the Philippines. Logging in to SQL Server as sa gives the user administrative access to the computer and, depending on your environment, possibly access to other computers. For details about how to safeguard your SQL Server systems from the worm (hint: secure your sa login account with a strong, non-NULL password), see the following URL:

   http://support.microsoft.com/default.aspx?scid=kb;en-us;313418

Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
digital world map on warehouse background
How To Build an International Shipping Software System
Jan 30, 2024
PowerShell Analytics header.jpg
Interactive Data Analytics With PowerShell, SQL, and ChatGPT (Sample Script)
Sep 19, 2023
blue gears
How To Filter SQL Server Data in Windows PowerShell
Sep 15, 2023
PowerShell Chart hero.jpg
How To Visualize SQL Server Data in PowerShell (With Sample Script)
Sep 11, 2023