RE: OT: Oracle Critical Patch Article

From: John Hallas <>
Date: Wed, 16 Jan 2008 14:59:09 -0000
Message-ID: <>

Sarbanes-Oxley applies to all publicly held American or quoted in America companies. Not to say that it should be ignored but it is not mandatory for everyone on this list  

[] On Behalf Of Andrew Kerber Sent: 15 January 2008 17:51
Cc:; oracle-l Subject: Re: OT: Oracle Critical Patch Article  

>>Would a dba be concerned about remote vulnerabilities for databases
that support only connections from application servers that are secured? Probably not.

I hope DBA's aren't using that argument. Sarbanes-Oxley applies to all publicly held companies. And the rules are just as concerned with internal security as external security. There very few oracle databases that you cannot connect to at all via sqlnet.

The information included in this email and any files transmitted with it may contain information that is confidential and it must not be used by, or its contents or attachments copied or disclosed, to persons other than the intended addressee. If you have received this email in error, please notify BJSS. In the absence of written agreement to the contrary BJSS’ relevant standard terms of contract for any work to be undertaken will apply. Please carry out virus or such other checks as you consider appropriate in respect of this email. BJSS do not accept responsibility for any adverse effect upon your system or data in relation to this email or any files transmitted with it. BJSS Limited, a company registered in England and Wales (Company Number 2777575), VAT Registration Number 613295452, Registered Office Address, First Floor, Coronet House, Queen Street, Leeds, LS1 2TW

Received on Wed Jan 16 2008 - 08:59:09 CST

Original text of this message