Home » Other » Community Hangout » Warning! Serious Oracle virus alert  () 1 Vote
Warning! Serious Oracle virus alert [message #501975] Fri, 01 April 2011 20:43 Go to next message
ramoradba
Messages: 2456
Registered: January 2009
Location: AndhraPradesh,Hyderabad,I...
Senior Member
/forum/fa/8843/0/

Oracle Tips by Burleson Consulting


April 1, 2011

The Computer Virus Legion has just issued a Severity-One virus alert for a security vulnerability for Oracle Databases on Linux and UNIX platforms.

This virus effects Oracle and may result in a complete loss of service. This virus may be serious and requires IMMEDIATE attention to neutralize the threat.

Problem: The virus exploits a vulnerability in a Windows Oracle client, allowing an unauthorized Oracle user to gain root privileges on the UNIX Oracle database server. The virus then places a malicious Trojan executable on the server.


CVL References: 41-20374, 75-28365.


Platforms Impacted: Sun Solaris, Red Hat Linux, SuSE Linux, AIX and HP UNIX.


Vulnerability Assessment: The risk is HIGH. The virus software allows the Oracle user to gain unauthorized root privileges and can cause serious loss of production service.


Virus Detection: This virus plants a Trojan UNIX shell executable (xxx.sh) on your Oracle server and starts a daemon process on each Oracle UNIX server.

Again, the threat level for this virus is HIGH, and we highly recommend that you get full details. This Oracle virus creates a Trojan executable on your Oracle server and starts a daemon process on each Oracle UNIX server. If the following command returns "1" then your server may be infected:

ps -ef|grep `whoami`|grep -v grep|wc -l

The virus spreads between Oracle servers using the UNIX e-mail gateway by exploiting the UNIX mailx daemon, sending malicious messages to all users defined in the /etc/passwd file. These messages can be detected by their distinctive subject line, 'GENERIC VIAGRA'.


Hallmarks of the Oracle virus include:

Increasing degradation in Oracle performance, especially as user load and database size increases.

Sub-optimal SQL execution plans will appear in the Oracle library cache.

The instance will switch to rule-based SQL optimization and send an e-mail to Oracle Support, requesting additional performance pack licenses.

The virus will rewrite your Oracle backup files, changing all active verbs to a passive voice and introducing undetectable misspellings into all of your text.

You may see a variation on the Oprah Winfrey virus where your SYSTEM tablespace suddenly shrinks to 20 Meg, and then slowly expands-out to over 500 Meg.

The daemon process will install Postgres on every server.

The virus is variant of the Monica Lewinsky virus, sucking all of the RAM out of your system and then sending e-mails all users, telling them about it.

It will de-magnetize the strips on all of your credit cards and re-program your ATM access code.

It will program your telephone to auto-dial 1-900 talk-dirty-to-me phone lines.

If you are running Oracle on Windows, it will will re-calibrate your refrigerator's coolness settings so that all your ice cream melts.

If you are running the multi-threaded server, it will leave the toilet seat up and leave your hair dryer plugged in dangerously close to a full bathtub.


PLEASE FORWARD THIS VIRUS ALERT TO EVERY ORACLE DBA!


Sriram b:)

Re: Warning! Serious Oracle virus alert [message #501977 is a reply to message #501975] Fri, 01 April 2011 21:03 Go to previous messageGo to next message
ramoradba
Messages: 2456
Registered: January 2009
Location: AndhraPradesh,Hyderabad,I...
Senior Member
http://www.youtube.com/watch?v=Bu927_ul_X0&feature=player_embedded


And finally If you try to install
/forum/fa/8846/0/
  • Attachment: gmotion.JPG
    (Size: 69.18KB, Downloaded 3093 times)

[Updated on: Fri, 01 April 2011 21:06]

Report message to a moderator

Re: Warning! Serious Oracle virus alert [message #502990 is a reply to message #501975] Tue, 12 April 2011 03:03 Go to previous messageGo to next message
Frank Naude
Messages: 4579
Registered: April 1998
Senior Member
It's basically the same "virus alert" they've published back in 2004.

See "Just for Fun... Phony Virus Alert" @ http://www.dba-oracle.com/virus_alert_fake.htm
Re: Warning! Serious Oracle virus alert [message #503003 is a reply to message #502990] Tue, 12 April 2011 03:36 Go to previous message
ramoradba
Messages: 2456
Registered: January 2009
Location: AndhraPradesh,Hyderabad,I...
Senior Member
Yah !
Its was On "April 1, 2011"
But when I run the Gmail motion i thought its a real one...But not Smile

Sriram
Previous Topic: DB Marketshare
Next Topic: hello
Goto Forum:
  


Current Time: Fri Mar 29 09:03:28 CDT 2024