Is 'Wag the Dog' by any means an app server - well, sorry could't help it
<g>
"damorgan" <damorgan_at_exesolutions.com> wrote in message
news:3C961199.F98E21AC_at_exesolutions.com...
> That I understood. And anyone that doesn't know that advertising is fluff
needs
> to stay away from the television. But the security issues I have seen
(there
> are likely some I have not seen) are not with the database; they are with
the
> app server.
>
> The easiest way to break into any software is still to look at the post-it
note
> in the desk drawer. <g>
>
> Daniel Morgan
>
>
>
> Niall Litchfield wrote:
>
> > His point is that no software is 'unbreakable'. He is absolutely
correct.
> > The reality doesn't live up to the marketing. On the other hand who
cares.
> > No reality ever does. The informix page at IBM states that informix
offers
> > continuous availability. I have yet to see a product that could possibly
> > justify this. Even the ms marketing machine ony claims 5 nines <g>.
> >
> > --
> > Niall Litchfield
> > Oracle DBA
> > Audit Commission UK
> > *****************************************
> > Please include version and platform
> > and SQL where applicable
> > It makes life easier and increases the
> > likelihood of a good answer
> >
> > ******************************************
> > "damorgan" <damorgan_at_exesolutions.com> wrote in message
> > news:3C926E8B.7F20347D_at_exesolutions.com...
> > > The Oracle database is not the Oracle Application Server.
> > >
> > > With that in mind ... do you have a point?
> > >
> > > Daniel Morgan
> > >
> > >
> > >
> > > Steven Hauser wrote:
> > >
> > > > The "Big Lie" is effective again.
> > > > Here is a Google "Sponsored Link Ad" (a 10,000 dollar account)
> > > > for the search term "Informix"
> > > >
> > > > >Informix - Is your database safe? Make it safe.
> > > > >www.oracle.com Oracle9i Database. Unbreakable. Can't break it.
Can't
> > break in.
> > > > >Sponsored Link
> > > >
> > > > No software is unbreakable no matter who says it, even ORACLE!
(gasp)
> > > > Now the CERT (late) warnings:
> > > >
> > > > >CERT Advisory CA-2002-08 Multiple vulnerabilities in Oracle Servers
> > > > >
> > > > > Original release date: March 14, 2002
> > > > > Last revised: --
> > > > > Source: CERT/CC
> > > > >
> > > > > A complete revision history can be found at the end of this
file.
> > > > >
> > > > >Systems Affected
> > > > >
> > > > > * Systems running Oracle8i Database
> > > > > * Systems running Oracle9i Database
> > > > > * Systems running Oracle9i Application Server
> > > > >
> > > > >Overview
> > > > >
> > > > > Multiple vulnerabilities in Oracle Application Server have
> > recently
> > > > > been discovered. These vulnerabilities include buffer
> > overflows,
> > > > > insecure default settings, failures to enforce access
controls,
> > and
> > > > > failure to validate input. The impacts of these
> > vulnerabilities
> > > > > include the execution of arbitrary commands or code,
denial
> > of
> > > > > service, and unauthorized access to sensitive information.
> > > > >
> > >
>
Received on Mon Mar 18 2002 - 13:19:38 CST
