While it still may not be "millions of people" several products come bundled with the desktop edition of SQL Server 2000, and I'm sure many will come with SQL Server 2005 Express. As far as I can tell by reading the paper (but not testing it myself) these are probably vulnerable as well if the configuration allows the guest account access to the database.
Dave King http://www.thesecure.net > > To be honest I don't think we're talking millions of people. How many > people at home run a fully fledged RDBMS on their XP systems? Very few > I'd guess. Besides, Simple File Sharing is documented so MS are > educating those willing to seek information. > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
