Oracle 'Worm' Exploit Gets Ominous Tweak
"Exploit code for a malicious worm capable of wreaking havoc through Oracle databases has been tweaked and published, prompting a new round of warnings that an actual attack is inevitable."
This is an interesting summary of the recent changes to the Oracle worm published on the full disclosure list around two months ago. The recent changes have made the worm more dangerous but it still does not have a replication mechanism. This would not be difficult to do though and it looks ominously like it is only a matter of time before someone releases a version that will replicate..:-(