Oracle database worm mutates

A new, more malicious version of a worm that targets Oracle database software has surfaced. The worm source code was sent out on a popular security mailing list just before the new year, security experts have said.

The new variant of what's been dubbed the "Oracle voyager" worm has a more malicious payload than the original variant, but still lacks a replication mechanism, Pete Finnigan, an Oracle security specialist wrote in his blog.

Most significantly, the updated worm code grants administrator access to public user accounts on the database and opens a backdoor, according to Finnigan's blog.

So far there have been no reports of any Oracle user being attacked by the voyager worm, said Ted Julian, vice president of strategy at Application Security Inc., a security vendor.

"This new variant shows the evolution of this worm, you see things escalate over time, " he said. "Until somebody gives it more aggressive propagation means, it is not likely to spread."

Application Security has published an alert on the worm. Oracle security specialist Red Database Security also has information on the pest.

Close
Drag