Dailydave mailing list archives

Previous By Date Next
Previous By Thread Next

Re: The Week of Oracle Database Bugs

From: Joel Eriksson <je-dailydave () bitnux com>
Date: Tue, 21 Nov 2006 13:42:27 +0100
If that's the case, the threat to US National Security is there
regardless of if Cesar releases a couple of his 0days or not.

Actually, it might even put some pressure on Oracle to start
taking security seriously, which would be a huge favor to
their customers.

Vulnerabilities are often known and (ab)used long before they
are publicly known. It's the existence of a security bug that
is the real danger, not whether the bug is known by the public
at large, by a small group or by noone (so far). Actually, the
bug can do far more damage during the time it's known only by
a few.

-- 
Best Regards,
Joel Eriksson
CTO Bitsec AB

On Tue, Nov 21, 2006 at 11:14:41AM +0530, ¯`·._The Sun_.·´¯ wrote:

I hear often that most of the US govt. data resides in/on Oracle databases.
Depending on how much information Argeniss reveals, couldn't this turn into
a significant threat to US National Security?

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
Previous By Date Next
Previous By Thread Next

Current thread: