Oracle FAQ

Your Portal to the Oracle Knowledge Grid

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US

Home -> Community -> Mailing Lists -> Oracle-L -> Litchfield on October patch

Litchfield on October patch

From: Ray Stell <stellr_at_cns.vt.edu>
Date: Wed, 19 Oct 2005 18:57:36 -0400
Message-ID: <20051019225736.GC16257@locust.cns.vt.edu>

from bugtraq:

Having downloaded and given the Oracle October patch a cursory examination, some of the flaws Oracle told me were being fixed, remain exploitable. Once again the patch is not sufficient. I will conduct a full investigation of the patch over the coming few days and post some recommendations once complete. Incidently, it's good to see that the NGS Disclosure policy of not publicly releasing details of the flaws "fixed" seems to work as a useful fail safe mechanism.

  More to follow...
  Cheers,
  David Litchfield
  NGSSoftware Ltd
  http://www.ngssoftware.com/

Ray Stell stellr_at_vt.edu (540) 231-4109 Tempus fugit 28^D

--
http://www.freelists.org/webpage/oracle-l

Received on Wed Oct 19 2005 - 17:59:56 CDT

This message: [ Message body ]
Next message: Paul Drake: "Re: Litchfield on October patch"
Previous message: Mark W. Farnham: "RE: ** anyway to create a primary key on table with duplicates that cannot be deleted"
Next in thread: Paul Drake: "Re: Litchfield on October patch"
Reply: Paul Drake: "Re: Litchfield on October patch"
Maybe reply: Jesse, Rich: "RE: Litchfield on October patch"
Maybe reply: oracle-l-bounce_at_freelists.org: "RE: Litchfield on October patch"
Maybe reply: Mercadante, Thomas F (LABOR): "RE: Litchfield on October patch"
Maybe reply: JayMiller_at_TDWaterhouse.com: "RE: Litchfield on October patch"
Maybe reply: JayMiller_at_TDWaterhouse.com: "RE: Litchfield on October patch"
Maybe reply: Mercadante, Thomas F (LABOR): "RE: Litchfield on October patch"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US