| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.server -> Re: 11g holes
"Frank van Bortel" <frank.van.bortel_at_gmail.com> schreef in bericht
news:fcp3r3$8oc$2_at_news3.zwoll1.ov.home.nl...
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Jerome Vitalis wrote:
>> For what it's worth:
>>
>> http://tinyurl.com/yqpeqz
> Until Kornbrust reveals what the problems are, it is
> just hot air.
> But he (Alexander) usually is correct about security.
>
> - --
> Regards,
> Frank van Bortel
>
> Top-posting is one way to shut me up...
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.1 (MingW32)
>
> iD8DBQFG8BKuLw8L4IAs830RAqJUAJ9/PT1iMlWEmk3sXsu2TEIx5Y+dVACginU2
> 7S8uS37ziTn++5sJRx7ixGU=
> =OPp1
> -----END PGP SIGNATURE-----
SQL injection in Oracle is not new, but it appears some of the holes were
not fixed....
It's not Oracle specific either. Many web-based logins on different database
systems allow it. Have seen an example of hacking a site by typing #1=1 and
~~ as a password.... aaargh
Check out Youtube for "sql injection" and you'll find some nice examples
there...
Shakespeare Received on Wed Sep 19 2007 - 04:45:57 CDT
 |
 |