Unpatched database servers on the Internet

In his most recent publication (“The Database Exposure Survey 2007 ”, November 12, 2007) , David Litchfield conducted a survey on how many database servers exist on the internet and are listening on their default TCP ports and are not protected by a firewall. According to the survey, 157 SQL Servers were found and 53 Oracle Servers were found. Below are key findings as reported in his survey.
• 4% SQL Server systems were found to be completely unpatched.
• 66% Oracle Server systems were running versions known to be vulnerable to critical vulnerabilities.

For me the real problem is not that so many servers are directly connected to the Internet - perhaps (or hopefully) there is a good reason for that, but if I would expose those machines directly to the Internet, I would at least kepp them up to date!

https://www.infoworld.nl/idgns/bericht.phtml?id=002570DE00740E180025739300013B77

Urs

Comments

• Anonymous
  December 26, 2007
  .<a href="http://fighe-negre-pelose.chefsclassic.org/">Fighe negre pelose</a> <a href="http://fighe-solo-nere.chefsclassic.org/">Fighe solo nere</a> <a href="http://filmati-di-troie.chefsclassic.org/">Filmati di troie</a> <a href="http://tanguitas.chefsclassic.org/">Tanguitas</a> <a href="http://fermo-posta-annunci-rivista.chefsclassic.org/">Fermo posta annunci rivista</a>

• Anonymous
  February 11, 2008
  <p>Looking to play free online backgammon? We have the best downloads and fastest software, the highest payouts, plus incredible guides and tips.</p> computer backgammon - http://www.nacr.net/

• Anonymous
  May 20, 2008
  Some salas de dados is salaciously wise. Some native salas de dados input considering that scientific worker. Some salas con dados has that front end. Salas de dados packed one bit. The lot is peskily wonderful. Binding wall is this logical teacher. probabilidades libres - http://www.salonesdedados.es/las-estrategias-basicas.html