Full Disclosure mailing list archives

Cursor snarfing - a new class of vulnerability and attack in Oracle

From: "David Litchfield" <davidl () ngssoftware com>
Date: Mon, 27 Nov 2006 08:37:43 -0000

Hey all,
I've just written a paper detailing a fairly common PL/SQL programming error
related to cursors that leads to a new class of vulnerability in Oracle. You
can get a copy of the paper from http://www.databasesecurity.com/ .
Cheers,
David Litchfield
NGSSoftware Ltd
+44(0) 208 401 0070
http://www.ngssoftware.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Cursor snarfing - a new class of vulnerability and attack in Oracle David Litchfield (Nov 27)