Oracle exploit? Where's the beef?

[Mark Shirley <mshirley () gmail com>]

Does anyone know anything further about the new oracle exploit? It
seems no one is saying shit about it other then "it's bad, it affects
everything, patch patch patc".

This is the only url i could find that has anything remotely interesting.

http://www.ciac.org/ciac/bulletins/o-209.shtml

VULNERABILITY ASSESSMENT:  Oracle rates this as a HIGH. "Exploiting
some of the vulnerabilities requires network access, but no valid user
account."

Typical response from oracle,  "DAMAGE:  Oracle does not give
descriptions of the vulnerabilities on this alert."

Remote exploits are bad mmkay.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html