Thursday, November 03, 2005

Oracle worm


I was pleased to hear that a POC code for an Oracle worm had been written.
I like the concept of it, of course more features can be added (like getting information from the db_links, etc.) but it is a good start.

I think it is important that companies raise their awareness regarding DB security (as they are).

This is one of the news articles talking about the worm:

A link to Alexander Kornbrust of Red Database Security analysis of the worm:

And the actual code:


No comments: