Network Impact of the MS SQL Worm
Subject:   New 'Slammer' or 'Sapphire/SQLhell' worm attacks Microsoft SQL Server
Date:   2003-01-31 05:41:57
From:   anonymous2
'Slammer' or 'Sapphire' worm attacks SQL Server
On January 25, 2003, a new worm was discovered. The worm abuses a known bug in Microsoft SQL Server but surprised a lot of network administrators by using the UDP instead of TCP/IP protocol. On many firewalls this port is not filtered granting the worm free access to every SQL Server database on the network. users were automatically protected from this vulnerability, even before discovery!