funsec mailing list archives
Oracle Releases Fixes for 65 Flaws
From: "Fergie" <fergdawg () netzero net>
Date: Wed, 19 Jul 2006 03:06:27 GMT
Via SC Magazine. [snip] All were part of the Redwood Shores, Calif.-company's quarterly Critical Patch Update (CPU). They affect a range of Oracle products--the majority affect database and E-Business Suite software—and the company has no suggested workarounds for the alerts but instead advised customers to install the patch. Most of the concern in this patch cycle is on the increasing prevalence of database security problems, said Amichai Shulman, director of Imperva's Application Defense Center (ADC), a database vulnerability research group. Shulman said that the 23 database-related flaws patched today fall into three categories: protocol violations, SQL injections and flaws associated with stored procedures. Based on his research, some of the most alarming flaws are the protocol violations, which he said are quickly becoming a favorite attack vector for the bad guys. [snip] More: http://www.scmagazine.com/uk/news/article/570244 - ferg -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Oracle Releases Fixes for 65 Flaws Fergie (Jul 18)