Surf Wiki
Save to docs
general/computer-worms

From Surf Wiki (app.surf) — the open knowledge base

Voyager (computer worm)

Malware program

Malware program

The Voyager worm is a computer worm that exploits a SQL injection flaw (CVE-2004-0637) that was posted on the Internet on October 31, 2005, and is designed to target Oracle Databases, a proprietary database management system developed by Oracle.

Known variants

  • First, non-malicious, example: October 31, 2005.
  • Second example: December 29, 2005; attempts to stop remote Oracle listeners on machines that have not been properly secured.

Affected platforms

  • Any Operating System running Oracle Databases

Actions

The October 31 variant has a harmless payload, but could easily be modified.

The December 29, 2005 version attempts to create private database links in affected databases, but the procedure to spread is missing. If activated, it will grant DBA to PUBLIC. An AFTER LOGON trigger may run, which performs a Google search for its own code. The worm code tries to mail the username and password hashes to larry@oracle.com and oracle@random IP address. It tricks the user to reset the password for a well known database user. The clear intention is to increase the chances of successfully creating a private link to the database.

Spread

The October 31 variant tries to find other Oracle databases in the same subnet and uses private database links to connect to remote databases. The December 29 variant was posted incomplete, without a spreading mechanism.

Outbreaks

  1. October 31, 2005 – First posted on the Internet
  2. December 29, 2005 – Malicious variant (incomplete) posted on the Internet

References

References

  1. "New Oracle Voyager Worm Variant". Application Security Inc..
Info: Wikipedia Source

This article was imported from Wikipedia and is available under the Creative Commons Attribution-ShareAlike 4.0 License. Content has been adapted to SurfDoc format. Original contributors can be found on the article history page.

computer-worms
Want to explore this topic further?

Ask Mako anything about Voyager (computer worm) — get instant answers, deeper analysis, and related topics.

Research with Mako

Free with your Surf account

Content sourced from Wikipedia, available under CC BY-SA 4.0.

This content may have been generated or modified by AI. CloudSurf Software LLC is not responsible for the accuracy, completeness, or reliability of AI-generated content. Always verify important information from primary sources.

Report