Microsoft SQL Server TCP/IP Listener Detection

Severity

Theme

Microsoft SQL Server TCP/IP Listener Detection

info Nessus Plugin ID 10144

Language:

New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

A database server is listening on the remote port.

Description

The remote host is running MSSQL, a database server from Microsoft. It is possible to extract the version number of the remote installation from the server pre-login response.

Solution

Restrict access to the database to allowed IPs only.

Plugin Details

Severity: Info

ID: 10144

File Name: mssqlserver_detect.nasl

Version: 1.58

Type: remote

Family: Service detection

Published: 10/12/1999

Updated: 3/15/2021

Dependencies: find_service1.nasl, find_service2.nasl, mssql_ping.nasl

Asset Inventory: true

Vulnerability Information

CPE: cpe:/a:microsoft:sql_server

Reference Information

IAVT: 0001-T-0800