Bugtraq mailing list archives
Re: Oracle and setting the record straight
From: Adam Laurie <adam.laurie () thebunker net>
Date: Fri, 22 Jul 2005 20:14:43 +0100
David Litchfield wrote:
Hey all,I don't know whether this helps serve any purpose or not, other than the vent some of my own frustrations; however...In the wake of the release of Alex Kornbrust's details on some Oracle flaws there has been some discussion in various places about when I supposedly did the same thing last year at Blackhat - i.e. release information on Oracle bugs in the absence of a vendor supplied patch.For the record, I did _not_ do this.So, setting the record straight: I was due to present a talk that centered around a batch of Oracle vulnerabilities at Blackhat last year. I gave Oracle a heads up and explained that I intended to do so and questioned whether the patches would be ready. On the day of the talk I was informed by Oracle that the patches were not ready and so when I got up on the stage I proceeeded to tell everyone exactly why I could no longer do the talk. i.e. I can't do the talk because Oracle failed to patch the problems I was going to talk about.I did not discuss in any form or fashion the actual bugs.
FWIW, I was there, and can confirm that this is true. Indeed, Dave was put in a very awkward position, having to pull most of the content of his talk at the last minute...
cheers, Adam -- Adam Laurie Tel: +44 (0) 20 7605 7000 The Bunker Secure Hosting Ltd. Fax: +44 (0) 20 7605 7099 Shepherds Building http://www.thebunker.net Rockley Road London W14 0DA mailto:adam () thebunker net UNITED KINGDOM PGP key on keyservers
Current thread:
- Oracle and setting the record straight David Litchfield (Jul 21)
- Re: Oracle and setting the record straight Adam Laurie (Jul 22)