Port Details - Port 1433

Oct 22 5,020 Oct 24 2,098 Oct 25 2,099 Oct 26 2,336 Oct 27 2,479 Oct 28 2,276 Oct 29 2,201 Oct 30 2,166 Oct 31 2,023 Nov 01 2,043 Nov 02 1,912 Nov 03 2,345 Nov 04 2,290 Nov 05 2,201 Nov 06 2,230 Nov 07 2,037 Nov 08 1,980 Nov 09 2,137 Nov 10 2,129 Nov 11 1,973 Nov 12 2,354 Nov 13 1,845 Nov 14 1,710 Nov 15 1,658 Nov 16 1,823 Nov 17 1,833 Nov 18 1,980 Nov 19 1,857 Nov 20 1,720 Nov 21 459 Oct 22 45,431 Oct 24 94,813 Oct 25 96,248 Oct 26 72,149 Oct 27 96,611 Oct 28 96,324 Oct 29 95,035 Oct 30 96,724 Oct 31 95,366 Nov 01 95,618 Nov 02 97,098 Nov 03 96,284 Nov 04 96,667 Nov 05 96,226 Nov 06 96,776 Nov 07 93,572 Nov 08 95,048 Nov 09 94,988 Nov 10 93,837 Nov 11 87,836 Nov 12 86,877 Nov 13 87,042 Nov 14 83,301 Nov 15 85,744 Nov 16 85,375 Nov 17 87,743 Nov 18 87,651 Nov 19 87,078 Nov 20 85,031 Nov 21 4,853
[show ascii data]
  • Start Date:
  • End Date:
  • Port:
  • Left Graph:
  • Right Graph:
  • Show Range:Yes No

Port Information

ProtocolServiceName
tcpms-sql-sMicrosoft-SQL-Server
udpms-sql-sMicrosoft-SQL-Server
[get complete service list]

User Comment

Submitted ByDate
Comment
Marcus H. Sachs, SANS Institute2003-10-10 00:50:59
SANS Top-20 Entry: W2 Microsoft SQL Server (MSSQL) http://isc.sans.org/top20.html#w2 The Microsoft SQL Server (MSSQL) contains several serious vulnerabilities that allow remote attackers to obtain sensitive information, alter database content, compromise SQL servers, and, in some configurations, compromise server hosts. MSSQL vulnerabilities are well-publicized and actively under attack. Two recent MSSQL worms in May 2002 and January 2003 exploited several known MSSQL flaws. Hosts compromised by these worms generate a damaging level of network traffic when they scan for other vulnerable hosts.
Johannes Ullrich2002-10-10 17:21:35
Port 1433 is used by Microsoft SQL Server. SQLSnake is one worm taking advantage of SQL Server installs without password. As SQL Server is able to run batch files and command line programs, it can be used to download and install malware. Basic Protection: Use good passwords for all SQL Server accounts.
Add a comment

CVE Links

CVE #Description
CVE-1999-287 "Vulnerability in the Wguest CGI program."
CVE-2000-1081 "The xp_displayparamstmt function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP)
CVE-2000-1082 "The xp_enumresultset function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP)
CVE-2000-1083 "The xp_showcolv function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP)
CVE-2000-1084 "The xp_updatecolvbm function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP)
CVE-2000-1085 "The xp_peekqueue function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP)
CVE-2000-1086 "The xp_printstatements function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP)
CVE-2000-1088 "The xp_SetSQLSecurity function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP)
CVE-2001-542 "Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror
CVE-2002-642 "The registry key containing the SQL Server service account information in Microsoft SQL Server 2000