RE: Oracle Worm

• To: <JHostetter@xxxxxxxxxxxxxxxxxxxx>, <oracle-l@xxxxxxxxxxxxx>
• Date: Thu, 3 Nov 2005 16:15:33 -0500

One would think that if Oracle has the brains to document doing that,
that they would then modify their scripts to not do those grants in the
first place. 

-----Original Message-----
From: oracle-l-bounce@xxxxxxxxxxxxx
[mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of Hostetter, Jay M
Sent: Thursday, November 03, 2005 4:10 PM
To: oracle-l@xxxxxxxxxxxxx
Subject: RE: Oracle Worm

 One of our standard procedures is to revoke execute on some packages
from public, as recommended in the Database Administrator's Guide.  It's
page 715 of my copy (9i release 2).
  UTL_TCP is one of the packages that is recommended to revoke from
public, which would help to stop this worm. 

Jay

-----Original Message-----
From: oracle-l-bounce@xxxxxxxxxxxxx
[mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of Paul Drake
Sent: Thursday, November 03, 2005 3:58 PM
To: DGoulet@xxxxxxxx
Cc: oracle-l@xxxxxxxxxxxxx
Subject: Re: Oracle Worm

On 11/3/05, Goulet, Dick <DGoulet@xxxxxxxx> wrote:
> Just got the following link from an E-week news message.  Think all of

> us will be interested.
>
> http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/038290
> .h
> tml
>
> Or:
>
> http://tinyurl.com/9so5f
>
> Dick Goulet
> Senior Oracle DBA
> Oracle Certified DBA
> --




**DISCLAIMER
This e-mail message and any files transmitted with it are intended for
the use of the individual or entity to which they are addressed and may
contain information that is privileged, proprietary and confidential. If
you are not the intended recipient, you may not use, copy or disclose to
anyone the message or any information contained in the message. If you
have received this communication in error, please notify the sender and
delete this e-mail message. The contents do not represent the opinion of
D&E except to the extent that it relates to their official business.

--
//www.freelists.org/webpage/oracle-l


--
//www.freelists.org/webpage/oracle-l

Other related posts:

• » Oracle Worm
• » Re: Oracle Worm
• » RE: Oracle Worm
• » RE: Oracle Worm
• » RE: Oracle Worm
• » RE: Oracle Worm
• » Re: Oracle Worm

1. Home
2. oracle-l
3. Archive
4. 11-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---