Exploit Circulating for Newly Patched Oracle Bug

October 21, 2005

[From CSO Online]

Database administrators now have a little added incentive to install Oracle Corp.'s latest security patches, released earlier this week. Malicious software is now circulating that can crash an unpatched database server, and one security expert predicted that more malware targeting the 89 recently patched vulnerabilities is on the way.

On Thursday, code was published on the Full Disclosure security mailing list that exploits a buffer overflow vulnerability in certain versions of Oracle’s databases.

The article continues at http://www2.csoonline.com/blog_view.html?CID=13433