[unisog] new virus?
michael.holstein at csuohio.edu
Thu Feb 24 17:04:20 GMT 2005
> Just for reference, I had an admin who had an mssql server that he swore
> did not have a blank SA password. Nessus kept saying he did. I finally
> connected remotely via the mssql manager without a password. Then he
> believed me; though it took him three tries to successfully get a
> password on the account.
Also bear in mind that MSDE (desktop edition) installs by default with a
blank 'sa' password and has all the functionality (worm-wise anyway) as
the full version of SQL.
Here's the KB on that pesky little problem :
Michael Holstein CISSP GCIA
Cleveland State University
More information about the unisog