Full Disclosure mailing list archives
Oracle Data Redaction is Broken
From: <david () databasesecurity com>
Date: Wed, 16 Jul 2014 13:46:19 +0100
Hey all,As part of yesterday’s Critical Patch Update, Oracle fixed 3 security flaws in data redaction services – one a privilege escalation vulnerability and two redaction bypass methods. I reported these issues to Oracle in November last year and have documented them here: http://www.davidlitchfield.com/Oracle_Data_Redaction_is_Broken.pdf
Cheers,David
_______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- Oracle Data Redaction is Broken david (Jul 17)