Gravité: : Critique
  Identifiant(s) CVE: : CVE-2000-1209

  Description

The "sa" account is installed with a default null password on (1) Microsoft SQL Server 2000, (2) SQL Server 7.0, and (3) Data Engine (MSDE) 1.0, which allows remote attackers to gain privileges, as exploited by worms such as Voyager Alpha Force and Spida.

  Information Exposure Rating:

Apply associated Trend Micro DPI Rules.

  Solutions

  Trend Micro Deep Security DPI Rule Number: 1000608

  Affected software and version:

  • Microsoft MSDE 1.0
  • Microsoft SQL Server Desktop Engine 2000