The original SecurityFocus Report: MS-SQL Worm?
SQL Server's default behavior of shipping with a blank admin password is a disaster. If you want your network to be secure, automate a scan for port 1433 (the port SQL Server listens on) and check every instance found for an sa admin account with a blank password. By using SQL Server's command shell, a hacker (if you are unlucky) or a penetration tester (if you are lucky) can take over the server. The extent of the exposure depends on which account the SQL Server service is running under. Some sites run the service under a domain admin account. Wonderful! If you can break the sa password, or if it's blank, you can use the command shell to create a new account and add it to the domain administrators group. A blank sa password can expose the entire enterprise.
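The checks above, written out as a T-SQL audit a DBA can run on each instance the port-1433 scan turns up. This is an added example, not part of the original report: it assumes SQL Server 2005 or later for `sys.sql_logins` and `PWDCOMPARE`, and SQL Server 2008 R2 SP1 or later for `sys.dm_server_services`; the SQL Server 2000 variant is given as a comment. The remediation password is a placeholder.

```sql
-- Added audit example (not from the original report). Run as a member of
-- the sysadmin role on each instance found listening on port 1433.

-- 1. Does the sa login (or any SQL login) still have a blank password?
--    PWDCOMPARE returns 1 when the supplied clear-text password matches
--    the stored hash, so comparing against '' finds blank passwords.
SELECT name, is_disabled
FROM sys.sql_logins
WHERE PWDCOMPARE('', password_hash) = 1;

-- On SQL Server 2000 (the version the report concerns), the equivalent
-- check is a NULL password column in the logins table:
--   SELECT name FROM master.dbo.syslogins WHERE password IS NULL;

-- 2. Is the command shell (xp_cmdshell) enabled? value_in_use = 1 means it
--    can be called by anyone holding the necessary permissions.
SELECT name, value_in_use
FROM sys.configurations
WHERE name = 'xp_cmdshell';

-- 3. Which Windows account does the service run under? A domain admin
--    account here is the "wonderful" case the report describes.
SELECT servicename, service_account
FROM sys.dm_server_services;

-- Remediation: set a strong sa password (placeholder below), optionally
-- disable sa outright, and turn the command shell off unless something
-- genuinely depends on it.
ALTER LOGIN sa WITH PASSWORD = N'<replace-with-a-strong-password>';
ALTER LOGIN sa DISABLE;   -- optional: many sites disable sa entirely

EXEC sp_configure 'show advanced options', 1;
RECONFIGURE;
EXEC sp_configure 'xp_cmdshell', 0;
RECONFIGURE;
```

The first query is the one to schedule: a login with a blank password is the condition the report warns about, and it is cheap to re-run after every deployment. The third query is what decides the blast radius; if the service account is a domain admin, changing it to a low-privilege service account removes the path from "owned SQL Server" to "owned domain" even if the password is later guessed.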