Call: +44 (0)1904 557620 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Oracle Announces General Availability of Oracle(R) Identity Management 10g Release 3"] [Next entry: "Oracle expert warns of weakness in PL/SQL"]

Databases at war

Databases at war - Millions of databases are just sitting out there, waiting for the next strike - By John E. Dunn

"Databases shouldn’t by rights have security holes in them at all, but years after they were first discovered to be an issue, they are still very much with us.

These holes open up in a number of ways, principally related to gaining privileges to execute or spoof (inject) scripts in the dominant query form SQL, or attempting to compromise or damage the operating system or other applications running on, or in conjunction with, the database."