Thanks to Pete Finnigan’s site we learn that there is a new version of the Oracle password cracker “woraauthbf” available.
From PF’s blog:
The Oracle password cracker woraauthbf written by Laszlo Toth has been updated and released as a new version 0.21R2 (The R2) is the new part, so even if you are running version 0.21 then please download the new release. The fix relates to a bug I found in 11g that if more than one user has the same password the cracker found the first occurance only. The bug fix corrects this. This is minor as the cracker could be used without error on the earlier database releases and its unlikely that many people are running 11g in production yet anyway.
For links and more on this check out his site. If you’re interested in Oracle security then you should really consider signing up for this RSS feed.