您需要 登录 才可以下载或查看,没有帐号?FreeOZ用户注册
The Computer Virus Legion has just issued a Severity-One virus alert for a security vulnerability for Oracle Databases on Linux and UNIX platforms.
This virus effects Oracle and may result in a complete loss of service. This virus may be serious and requires IMMEDIATE attention to neutralize the threat.
Problem: The virus exploits a vulnerability in a Windows Oracle client, allowing an unauthorized Oracle user to gain root privileges on the UNIX Oracle database server. The virus then places a malicious Trojan executable on the server.
CVL References: 41-20374, 75-28365.
Platforms Impacted: Sun Solaris, Red Hat Linux, SuSE Linux, AIX and HP UNIX.
Vulnerability Assessment: The risk is HIGH. The virus software allows the Oracle user to gain unauthorized root privileges and can cause serious loss of production service.
Virus Detection: This virus plants a Trojan UNIX shell executable (xxx.sh) on your Oracle server and starts a daemon process on each Oracle UNIX server.
Again, the threat level for this virus is HIGH, and we highly recommend that you get full details. This Oracle virus creates a Trojan executable on your Oracle server and starts a daemon process on each Oracle UNIX server. If the following command returns "1" then your server may be infected:
ps -ef|grep `whoami`|grep -v grep|wc -l
The virus spreads between Oracle servers using the UNIX e-mail gateway by exploiting the UNIX mailx daemon, sending malicious messages to all users defined in the /etc/passwd file. These messages can be detected by their distinctive subject line, 'GENERIC VIAGRA'.
Hallmarks of the Oracle virus include:
Increasing degradation in Oracle performance, especially as user load and database size increases.
Sub-optimal SQL execution plans will appear in the Oracle library cache.
The instance will switch to rule-based SQL optimization and send an e-mail to Oracle Support, requesting additional performance pack licenses.
The virus will rewrite your Oracle backup files, changing all active verbs to a passive voice and introducing undetectable misspellings into all of your text.
You may see a variation on the Oprah Winfrey virus where your SYSTEM tablespace suddenly shrinks to 20 Meg, and then slowly expands-out to over 500 Meg.
The daemon process will install Postgres on every server.
The virus is variant of the Monica Lewinsky virus, sucking all of the RAM out of your system and then sending e-mails all users, telling them about it.
It will de-magnetize the strips on all of your credit cards and re-program your ATM access code.
It will program your telephone to auto-dial 1-900 talk-dirty-to-me phone lines.
If you are running Oracle on Windows, it will will re-calibrate your refrigerator's coolness settings so that all your ice cream melts.
If you are running the multi-threaded server, it will leave the toilet seat up and leave your hair dryer plugged in dangerously close to a full bathtub.