New attack technique puts Oracle in crosshairs - by Joris Evers
"A new attack technique increases the risk of commonly found bugs in Oracle's database software, a security researcher has warned.
It was previously thought that an attacker needed high-level privileges on the database to exploit so-called PL SQL injection vulnerabilities. With a new attack technique, that's no longer true, David Litchfield, a database security expert with NGS Software, said on Thursday at the Black Hat DC event in Arlington, Virginia."
Blog
Pete Finnigan's Oracle Security Weblog
This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.
[Previous entry: "Oracle exploits available"] [Next entry: "Researcher charts new, more dangerous Oracle attack"]
March 2007
- New and Improved Oracle Exploits Coming at Black Hat - 03/03/2007 by 03/03/2007
- More Oracle exploits - 03/05/2007 by 03/05/2007
- New paper on Oracle Forensics - 03/06/2007 by 03/06/2007
- Nice paper on BBED in French - 03/11/2007 by 03/11/2007
- Oracle forensics, UKOUG and blog troubles - 03/17/2007 by 03/17/2007
- Interesting post on previous values in datafiles - 03/22/2007 by 03/22/2007
- Oracle sues SAP for allegedly behaving like it has toward Linux - 03/23/2007 by 03/23/2007
- SQLGotcha 4.0 beta released on Sourceforge - 03/24/2007 by 03/24/2007
- 4 new Oracle exploits released - 03/26/2007 by 03/26/2007
- Site downtime - 03/28/2007 by 03/28/2007
- Cesar Cerrudo shows how to find more than 5 local 0-days in Oracle - 03/29/2007 by 03/29/2007
- 2 new exploits for Oracle - 03/30/2007 by 03/30/2007
Archives
Syndication
Powered by gm-rss 2.0.0
