Oracle Worm Proof-of-concept

Wednesday Nov 2nd 2005 by DatabaseJournal.com Staff
Share:

On Monday, an anonymous developer on the Full-Disclosure mailing list contributed a post titled "Trick or Treat Larry", disclosing a proof-of-concept worm that targets Oracle databases with default user accounts and passwords.

[From Sans Internet Storm Center]

On Monday (31-OCT-2005), an anonymous developer on the Full-Disclosure mailing list contributed a post titled "Trick or Treat Larry", disclosing a proof-of-concept worm that targets Oracle databases with default user accounts and passwords.

The worm uses the UTL_TCP package to scan for remote Oracle databases on the same local network. Upon finding another database, the SID is retrieved and the worm uses several default username and password combinations to attempt to login to the remote database.

The article continues at http://isc.sans.org/diary.php?storyid=812

Share:
Home
Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved