
Plesk MS SQL Insecure

Discussion in 'Plesk for Windows - 8.x and Older' started by MattWHT, Feb 8, 2004.

  1. MattWHT

    Is the MS SQL version installed in Plesk insecure? I woke up this morning to find the machine pushing over 7 Mbits per second, and it seems from the logs a trojan was uploaded via xp_cmdshell?
     
  2. AdamF

    Yes, it requires patching up. It is the old vulnerability that the Slammer worm used. You should patch MSDE to SP3 and apply a hotfix. If you are going to reinstall your box, then I would advise that you install the SP3 version of SQL Server first and then install Plesk. I had less hassle that way. BTW, make sure you install it in mixed mode.

    AdamF
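
    A read-only audit of the points raised above (service-pack level, mixed mode, who can run xp_cmdshell), added here as an example and not posted by anyone in the thread. It assumes the bundled engine is MSDE 2000 (the SQL Server 2000 engine) and that it is run as a sysadmin from osql or Query Analyzer.

```sql
-- Added example: read-only checks for an MSDE 2000 / SQL Server 2000 instance.
-- Assumption: SQL Server 2000 system tables (sysprotects, sysobjects) are present.
USE master
GO

-- 1. Patch level. The advice in the thread is SP3 plus a hotfix,
--    so anything below SP3 is flagged.
DECLARE @level varchar(20), @build varchar(20)
SELECT @level = CONVERT(varchar(20), SERVERPROPERTY('ProductLevel')),
       @build = CONVERT(varchar(20), SERVERPROPERTY('ProductVersion'))
PRINT 'Build ' + @build + ', level ' + @level
IF @level IN ('RTM', 'SP1', 'SP2')
    PRINT 'FLAG: below SP3, patch before exposing this instance'

-- 2. Authentication mode. 0 means mixed mode, so SQL logins such as sa
--    are accepted over the network and need strong passwords.
IF CONVERT(int, SERVERPROPERTY('IsIntegratedSecurityOnly')) = 0
    PRINT 'NOTE: mixed mode is on, review the passwords of all SQL logins'
GO

-- 3. Explicit EXECUTE grants on xp_cmdshell.
--    In sysprotects, action 224 = EXECUTE; protecttype 204/205 = GRANT.
SELECT USER_NAME(p.uid) AS grantee, o.name AS procedure_name
FROM sysprotects p
JOIN sysobjects o ON o.id = p.id
WHERE o.name = 'xp_cmdshell'
  AND p.action = 224
  AND p.protecttype IN (204, 205)

-- 4. Members of sysadmin can always run xp_cmdshell, whatever step 3 shows.
EXEC sp_helpsrvrolemember 'sysadmin'
GO
```

    An empty result from step 3 means only the sysadmin members listed in step 4 can reach xp_cmdshell.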
     
  3. MattWHT

    Isn't that just stupid of Plesk? Why bother including insecure software?

    System administration practices aside, I mean any IP is regularly scanned by bots for such vulnerabilities, so despite the fact that Plesk doesn't mention MS-SQL server anywhere (it's not even in the service list - Plesk SQL server applies to MySQL), just whilst installing it you open your computer to remote vulnerability (e.g. myself with xp_cmdshell); a good bot will only need a few seconds.
     
  4. AdamF

    I agree, especially if you don't even have an MSSQL licence, like us. It is in the services list under mssqlserver. As we didn't have the licence, I didn't expect to have it installed. I tell you what, I learnt about MS BaseLine after this vulnerability.
     
  5. MattWHT

    I think it's MSDE (basically MS-SQL with 5 concurrent accesses), which can be distributed as far as I know, but still it seems like gross negligence on the part of Plesk to include an insecure version; like I said, a clever bot only needs a few seconds. I definitely won't be purchasing Plesk now (probably time to move on...).
     