Security Incidents mailing list archives

RE: Oracle 8i compromise questions

From: "Carolyn Jewel" <Carolyn.Jewel () LEGACYNET COM>
Date: Fri, 19 Aug 2005 14:12:28 -0700

<excerpt>
-----Original Message-----
From: Jack Donovan [mailto:jake.donovan () gmail com] 
Sent: Thursday August 18, 2005 1:00 PM
To: incidents () securityfocus com
Subject: Oracle 8i compromise questions

Hello all,

A client of mine reported a compromise of an outdated Oracle 8i
(8.174) database server running on Windows 2000, 
</excerpt>

SQL injection seems the most likely to me. The noted version is
vulnerable to injection. Kind of hard to say, though, without knowing
what applications are served by the db. Maybe you need to look at logs
on app or web servers, too.

Carolyn Jewel
Database Administrator
Enterprise Database Management
Legacy Marketing Group
1.707.781.6010 ext 6881
****This electronic mail message, and any attachments
transmitted with it, contains confidential information,
intended only for the named addressee(s). If you are not
the intended recipient, or a person responsible for
delivering this e-mail to the intended recipient, you are
hereby notified that the use, distribution, copying, or
disclosure of this communication is strictly prohibited.
If you have received this e-mail in error, please
immediately notify the sender by reply e-mail, and delete
all copies of this communication from your computer and
network. Thank you.*****

Current thread:

Oracle 8i compromise questions Jack Donovan (Aug 19)
- Re: Oracle 8i compromise questions Joshua Wright (Aug 22)
- Re: Oracle 8i compromise questions Kevin Reardon (Aug 22)
- <Possible follow-ups>
- RE: Oracle 8i compromise questions Carolyn Jewel (Aug 22)