A worm that can attack Oracle Corp. databases has been posted to a security-related Internet mailing list. It is a “proof of concept” worm with a harmless payload, but similar worms could automatically spread among databases and wreak havoc. The worm takes advantage of default passwords provided by Oracle, which users typically replace with their own passwords. Security analysts: Users should stop using default passwords and password-protect the “listener” element of the database, which is responsible for communication between a user and the database.”]
Source: https://www.csoonline.com/article/2118941/hacker-publishes-oracle-proof-of-concept-worm.html