Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Security Alert 68

Re: Security Alert 68

From: Pete Finnigan <plsql_at_petefinnigan.com>
Date: Wed, 13 Oct 2004 10:02:39 +0100
Message-ID: <Ip1+gVCv8ObBRxth@peterfinnigan.demon.co.uk> 





Hi Kalle,



I talked about the same email a few days ago in my Oracle security
weblog (http://www.petefinnigan.com/weblog/entries/index.html). The
information from Oracle is that there are some public exploits for some
of the bugs but Oracle are not going to tell you what they are. Check
the researchers web sites for information about the bugs as some sites
give brief details of how to re-produce the bugs. I know one bug was
discussed in a mailing list a few weeks ago with exploit code. 



The key message that Oracle were sending out is that everyone needs to
apply the patches sooner rather than later as exploits for the bugs are
now public. I would advise the same.



kind regards



Pete

-- 
Pete Finnigan (email:pete_at_petefinnigan.com)
Web site: http://www.petefinnigan.com - Oracle security audit specialists
Oracle security blog: http://www.petefinnigan.com/weblog/entries/index.html
Book:Oracle security step-by-step Guide - see http://store.sans.org for details.


Received on Wed Oct 13 2004 - 04:02:39 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US