[unisog] new virus?

Michael Holstein michael.holstein at csuohio.edu
Thu Feb 24 17:04:20 GMT 2005

> Just for reference, I had an admin who had an mssql server that he swore 
> did not have a blank SA password.  Nessus kept saying he did.  I finally 
> connected remotely via the mssql manager without a password.  Then he 
> believed me; though it took him three tries to successfully get a 
> password on the account.

Also bear in mind that MSDE (desktop edition) installs by default with a 
blank 'sa' password and has all the functionality (worm-wise anyway) as 
the full version of SQL.

Here's the KB on that pesky little problem :



Michael Holstein CISSP GCIA
Cleveland State University

More information about the unisog mailing list