Call: +44 (0)1904 557620 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "A tiny digital camera"] [Next entry: "Oracle database worm mutates"]

Oracle 'Worm' Exploit Gets Ominous Tweak

Oracle 'Worm' Exploit Gets Ominous Tweak - by Ryan Naraine of writes:

"Exploit code for a malicious worm capable of wreaking havoc through Oracle databases has been tweaked and published, prompting a new round of warnings that an actual attack is inevitable."

This is an interesting summary of the recent changes to the Oracle worm published on the full disclosure list around two months ago. The recent changes have made the worm more dangerous but it still does not have a replication mechanism. This would not be difficult to do though and it looks ominously like it is only a matter of time before someone releases a version that will replicate..:-(