funsec mailing list archives
Researcher Bares Oracle Zero-Day Flaw at Black Hat
From: "Fergie" <fergdawg () netzero net>
Date: Wed, 25 Jan 2006 23:05:23 GMT
Via eWeek. [snip] British security researcher David Litchfield used the spotlight of the Black Hat Federal Briefings here to call attention to a gaping flaw in the Oracle PL/SQL Gateway that remains unpatched three months after it was first reported to the database server giant. In a rare departure from his company's policy of withholding technical details on unpatched vulnerabilities, Litchfield provided a blow-by-blow demonstration of an exploit that could be used to gain full database administrator control of the back-end database server. [snip] More here: http://www.eweek.com/article2/0,1759,1915420,00.asp - ferg -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg () netzero net or fergdawg () sbcglobal net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Researcher Bares Oracle Zero-Day Flaw at Black Hat Fergie (Jan 25)