Full Disclosure mailing list archives
RE: Oracle read-only user can insert/update/delete data
From: "Van Winssen, Andre A SITI-ITIBHW5" <Andre.VanWinssen () shell com>
Date: Wed, 12 Apr 2006 07:56:31 +0200
Alexander, I have to say it once again: your company is very careless and irresponsible for publishing so much detail about this new oracle security flaw for which no patch exists yet, endangering many customer production databases. I have sent testcases to Oracle too that shows that it works against any oracle version currently available. I expect oracle to include the fix in the next cpu, but have my doubts. Kind regards, Andre van Winssen _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- RE: Oracle read-only user can insert/update/delete data Van Winssen, Andre A SITI-ITIBHW5 (Apr 11)
- Re: RE: Oracle read-only user can insert/update/delete data H D Moore (Apr 11)
- Re: RE: Oracle read-only user can insert/update/delete data KF (lists) (Apr 12)
- <Possible follow-ups>
- RE: Oracle read-only user can insert/update/delete data Van Winssen, Andre A SITI-ITIBHW5 (Apr 11)