Bugtraq mailing list archives

Oracle Hyperion password disclosure...

From: Jeff Kayser <jeff.kayser () jibeconsulting com>
Date: Fri, 4 Sep 2015 17:14:39 +0000

Hi, all.

Oracle Hyperion Rapid Deployment installer leaves plaintext passwords in config files and logfiles.  Oracle has known 
about this for 2 years, and has decided not to patch any of the product versions prior to the latest version.  I have 
additional details if anyone is interested.

Jeff Kayser
Jibe Consulting | Managing Principal Consultant
5000 Meadows Rd. Suite 300
Lake Oswego, OR 97035
O: 503-517-3266 | C: 503.901.5021
jeff.kayser () jibeconsulting com

[cid:image009.jpg@01D00437.3D3091D0]<http://www.jibeconsulting.com/>
                              [cid:image010.jpg@01D00437.3D3091D0] <http://www.linkedin.com/company/jibe-consulting>    
  [cid:image011.jpg@01D00437.3D3091D0] <http://www.facebook.com/JibeConsulting>      
[cid:image012.jpg@01D00437.3D3091D0] <http://twitter.com/#!/JibeConsulting>

[cid:image013.jpg@01D00437.3D3091D0]


Disclaimer: This electronic message may contain information that is Confidential or legally privileged. It is intended 
only for the use of the individual(s) and entity named in the message. If you are not an intended recipient of this 
message, please notify the sender immediately and delete the material from your computer. Do not deliver, distribute or 
copy this message and do not disclose its contents or take any action in reliance on the information it contains.

Attachment: Hyperion Essbase Rapid Deploy.docx
Description: Hyperion Essbase Rapid Deploy.docx

Current thread:

Oracle Hyperion password disclosure... Jeff Kayser (Sep 04)
- <Possible follow-ups>
- Re: Oracle Hyperion password disclosure... jeff . kayser (Sep 09)