New worm variant exploits Oracle errors

The malicious code has the ability to exploit security vulnerabilities and cause serious damage to previously distributed Oracle database software that has been widely modified and redistributed on the Internet, ringing a scene ring. New report about a new attack.

Thus, just two months after an unnamed researcher first published an example of an attack computer worm exploiting a security vulnerability in Oracle database software, this malicious code was researched and improved to redistribute through the list of Full Disclosure email. Again a new technique to attack this database system.

However, Alexander Kornbrust, executive director of database security firm GmbH, said: 'These kinds of attacks are still theoretical and I don't think that the applications The database may be threatened because of risks like this. If you are managing a large company with hundreds of valuable databases, this code is really a destroyer. This malicious code is likely to be used to develop into a complete worm. Being careful is probably the best thing to do '

Kornbrust - an expert well known for Oracle's security research products - thinks he has also created a real attack method that uses the default username and password in the engine. Oracle database.

Aaron Newman, senior technology engineer at Application Security Inc., described this new code as something "much more advanced" than the previous code. ' However, it still lacks practical applicability to spread widely even though they themselves are capable .'

Kornbrust recommends that database administrators need to be cautious about the risk of attacks based on security vulnerabilities on workstations plus dangerous code exploiting Oracle's security flaws. ' A successful attack can target database applications through a Windows vulnerability, gaining system access to using Oracle worms to cause serious damage. '