找回密码
 FreeOZ用户注册
查看: 2642|回复: 2

[数据库] Warning! Serious Oracle virus alert

[复制链接]
发表于 4-4-2011 11:08:05 | 显示全部楼层 |阅读模式

马上注册,结交更多好友,享用更多功能,让你轻松玩转社区。

您需要 登录 才可以下载或查看,没有帐号?FreeOZ用户注册

x
The Computer Virus Legion has just issued a Severity-One virus alert for a security vulnerability for Oracle Databases on Linux and UNIX platforms.  

This virus effects Oracle and may result in a complete loss of service.  This virus may be serious and requires IMMEDIATE attention to neutralize the threat.

    *

      Problem: The virus exploits a vulnerability in a Windows Oracle client, allowing an unauthorized Oracle user to gain root privileges on the UNIX Oracle database server.  The virus then places a malicious Trojan executable on the server.
      
    *

      CVL References: 41-20374, 75-28365.
      
    *

      Platforms Impacted:  Sun Solaris, Red Hat Linux, SuSE Linux, AIX and HP UNIX.
      
    *

      Vulnerability Assessment: The risk is HIGH. The virus software allows the Oracle user to gain unauthorized root privileges and can cause serious loss of production service.
      
    *

      Virus Detection: This virus plants a Trojan UNIX shell executable (xxx.sh) on your Oracle server and starts a daemon process on each Oracle UNIX server.

Again, the threat level for this virus is HIGH, and we highly recommend that you get full details.  This Oracle virus creates a Trojan executable on your Oracle server and starts a daemon process on each Oracle UNIX server.  If the following command returns "1" then your server may be infected:

        ps -ef|grep `whoami`|grep -v grep|wc -l

The virus spreads between Oracle servers using the UNIX e-mail gateway by exploiting the UNIX mailx daemon, sending malicious messages to all users defined in the /etc/passwd file. These messages can be detected by their distinctive subject line, 'GENERIC VIAGRA'.


Hallmarks of the Oracle virus include:

    *

      Increasing degradation in Oracle performance, especially as user load and database size increases.
    *

      Sub-optimal SQL execution plans will appear in the Oracle library cache.
    *

      The instance will switch to rule-based SQL optimization and send an e-mail to Oracle Support, requesting additional performance pack licenses.
    *

      The virus will rewrite your Oracle backup files, changing all active verbs to a passive voice and introducing undetectable misspellings into all of your text.
    *

      You may see a variation on the Oprah Winfrey virus where your SYSTEM tablespace suddenly shrinks to 20 Meg, and then slowly expands-out to over 500 Meg.
    *

      The daemon process will install Postgres on every server.
    *

      The virus is variant of the Monica Lewinsky virus, sucking all of the RAM out of your system and then sending e-mails all users, telling them about it.
    *

      It will de-magnetize the strips on all of your credit cards and re-program your ATM access code.
    *

      It will program your telephone to auto-dial 1-900 talk-dirty-to-me phone lines.
    *

      If you are running Oracle on Windows, it will will re-calibrate your refrigerator's coolness settings so that all your ice cream melts.
    *

      If you are running the multi-threaded server, it will leave the toilet seat up and leave your hair dryer plugged in dangerously close to a full bathtub.


PLEASE FORWARD THIS VIRUS ALERT TO EVERY ORACLE DBA!
回复  

使用道具 举报

 楼主| 发表于 4-4-2011 11:08:50 | 显示全部楼层
It should have been posted last Friday.
回复  

使用道具 举报

发表于 4-4-2011 20:02:44 | 显示全部楼层
1st April hoax...
回复  

使用道具 举报

您需要登录后才可以回帖 登录 | FreeOZ用户注册

本版积分规则

小黑屋|手机版|Archiver|FreeOZ论坛

GMT+11, 29-3-2024 19:06 , Processed in 0.018061 second(s), 18 queries , Gzip On, Redis On.

Powered by Discuz! X3.2

© 2001-2013 Comsenz Inc.

快速回复 返回顶部 返回列表