Full Disclosure mailing list archives
Cursor snarfing - a new class of vulnerability and attack in Oracle
From: "David Litchfield" <davidl () ngssoftware com>
Date: Mon, 27 Nov 2006 08:37:43 -0000
Hey all, I've just written a paper detailing a fairly common PL/SQL programming error related to cursors that leads to a new class of vulnerability in Oracle. You can get a copy of the paper from http://www.databasesecurity.com/ . Cheers, David Litchfield NGSSoftware Ltd +44(0) 208 401 0070 http://www.ngssoftware.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Cursor snarfing - a new class of vulnerability and attack in Oracle David Litchfield (Nov 27)