SQL slammer

from Wikipedia, the free encyclopedia

Slammer or SQL slammer is the name of a computer worm that can infect an unpatched Microsoft SQL Server 2000. It began to spread on January 25, 2003, infecting 75,000 victims in half an hour, the majority of them in the first 10 minutes. The SQL slammer uses two buffer overflows . Microsoft had already published a patch six months earlier, but it was not installed on many systems. The special thing about this worm is that it consists of a single UDP packet with only 376 bytes, which ensures its enormous spreading speed.

In some sources the worm is also called Sapphire , MS-SQL Slammer , WORM_SQLP1434.A , SQL Hell or Helkern .

According to a report by the US Nuclear Regulatory Commission , the worm penetrated the IT system of the Davis-Besse nuclear power plant in Ohio via an unsecured line in January 2003 and paralyzed the security system for almost five hours.

In November 2004, two members of virus writing group 29A were questioned by the police about the spread of the worm.

Web links

Individual evidence

  1. Was the worm in? - IT security in the US power supply , c't 18/2003, p. 34 ( Memento from December 6, 2003 in the Internet Archive ), there named as a source: Slammer worm crashed Ohio nuke plant network , Kevin Poulsen, SecurityFocus, August 19, 2003 .
  2. SQL slammer impaired US power plant control. Heise News report, August 17, 2003 .
  3. Alex Gostev: Benny, Ratter questioned  ( page no longer available , search in web archivesInfo: The link was automatically marked as defective. Please check the link according to the instructions and then remove this notice.@1@ 2Template: Dead Link / www.securelist.com