MonTel 'Slammer' worm (non)vulnerability.

This topic is obsolete as MonTel is no longer supplied with MSDE 1.0. (The suggested SQL database is MS SQL Express 5.0 and should be downloaded directly from Microsoft.)

A default installation of MonTel is not vulnerable to the 'Slammer' worm, since it installs only MSDE 1.0. (MonTel is also provided with the MS Jet engine for use in small work groups, though this is being phased out in favour of MSDE.)

See also http://www.kb.cert.org/vuls/id/ADHR-5KCKPE

MonTel can also be used in conjunction with MS SQL Server 2000, which is vulnerable. This scenario is only likely when other applications are already being run on the SQL Server. SQL 2000 should be fully secured and the latest patches applied. Details can be found at: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS02-039.asp (link now broken).

See also http://www.sqlsecurity.com and the CERT advisory http://www.kb.cert.org/vuls/id/484891 and http://www.cert.org/advisories/CA-2003-04.html

For MSDE 1.0, we recommend that MonTel sites apply both the Service Pack 4 patch for Microsoft SQL 7.0 (which is also used to patch MSDE 1.0) and the SQL Server 7.0 Security Update for Service Pack 4.

Service Pack 4 is available from the Microsoft web site at: http://www.microsoft.com/sql/downloads/sp4.asp?SD=TECH&LN=en-au&gssnb=1 (link now broken; see http://www.microsoft.com/downloads/details.aspx?familyid=8b39115b-879d-45fe-80d1-4f0900993a92&displaylang=en), and the SQL Server 7.0 Security Update for Service Pack 4 at: http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B327068&sd=tech.

Please note that MonTel is distributed with an unpatched version of MSDE 1.0, which is about 20MB. Service Pack 4 is about 44MB. MSDE 1.0 is no longer available from Microsoft, and they have not made a fully patched version available.
