on one of our SQL server hosts the following was generated:
DETAILS: The following accounts were found in the SQL Server: Account 'sa' has password 'sa' Account 'sa' has password 'password' Account 'sa' has password 'administrator' Account 'sa' has password 'admin' Account 'admin' has password 'administrator' Account 'admin' has password 'password' Account 'admin' has password 'admin' Account 'probe' has password 'probe' Account 'probe' has password 'password'
We found that the test condition was flawed:
The attempted login generated the following output:
Login failed for user 'sa'. Reason: Not associated with a trusted SQL Server connection
The plugin was looking for "SQL Server" as the indicator of success hence it returned a hit.
On another SQL Server host however, the login reject message was simply:
Login failed for user 'sa'
Let me know if you need any more details. (I'll attempt to find out the exact version and patch level of these servers if anyone's interested)
eliot
