New worm variant exploits Oracle flaws

Malicious code capable of exploiting security vulnerabilities and causing serious damage to Oracle database software, which had been distributed previously, has been modified and widely redistributed on the Internet, raising a new alarm about a new attack.

Just two months after an unnamed researcher first published an example of a computer worm exploiting a security vulnerability in Oracle database software, the malicious code has been studied, improved and redistributed through the Full Disclosure mailing list, with a new technique added for attacking this database system.

However, Alexander Kornbrust, executive director of database security firm GmbH, said: 'These types of attacks are still theoretical and I do not think of mechanical applications. The database may be threatened because of these risks. If you are managing a large company with hundreds of valuable databases, this code is really a destroyer. This malicious code is likely to be used to develop into a complete worm. Being careful is probably the best thing to do.'

Kornbrust, an expert well known for his research into the security of Oracle products, said he had himself created a real attack method that uses the default username and password in the Oracle database engine.

Aaron Newman, senior technology engineer at Application Security Inc., described this new code as something 'much more advanced' than the previous code. 'However, it still lacks practical applicability to spread widely even though they themselves are capable.'

Kornbrust recommends that database administrators be cautious about the risk of attacks that combine security holes on workstations with malicious code exploiting Oracle's security flaws. 'A successful attack can target database applications through a Windows vulnerability, gaining system access to use Oracle worms to cause serious damage.'