Calendar
Kategorien
- 10.2.0.4 (1)
- 11g (3)
- Allgemein (11)
- BEA (1)
- checkpwd (4)
- CPUApr2008 (3)
- CPUJan2008 (2)
- CPUJul2007 (3)
- CPUOct2007 (1)
- Database Vault (1)
- David Litchfield (4)
- Exploit (4)
- Forensics (3)
- Inguma (2)
- MacOS (1)
- Mary Ann (1)
- Oracle (2)
- Oracle Security (46)
- passwords (3)
- Podcast (1)
- rootkits (1)
- Security (9)
- Security Book (1)
- Sentrigo (1)
- software (2)
- Source Code Analysis (1)
- source code audit (3)
- SQL Injection (4)
- Trainings (1)
Letzte Einträge
- 9 Aug 2008: July 2008 CPU Advisory - Windows Patch update for Oracle 10.1.0.5
- 29 Jul 2008: Exploit for Oracle Bea Weblogic - Apache Connector published
- 8 Mai 2008: Checkpwd 1.23 for MacOS Intel native released
- 16 Apr 2008: Oracle CPU April 2008 - Update
- 15 Apr 2008: Oracle Critical Patch Update April 2008 is out
- 11 Apr 2008: Looking Glass and Oracle 11g
- 11 Apr 2008: Oracle Critical Patch Update Pre-Release Announcement - April 2008
- 4 Mrz 2008: We proudly present: Anna Marie Kornbrust
- 4 Mrz 2008: Corba Exploit for VisiBroker published
- 25 Feb 2008: Oracle Patchset 10.2.0.4 is out
Links
Archive
Oracle Critical Patch Update Pre-Release Announcement - April 2008
Yesterday Oracle has published the pre-release announcement for the upcoming CPU next tuesday. According to this announcement the CPU will fix 41 security in various Oracle products. 17 vulnerabilities are affecting the Oracle Database.
- Advanced Queuing
- Audit
- Authentication
- Change Data Capture
- Core RDBMS
- Data Pump
- Export
- Oracle Application Express
- Oracle Net Services
- Oracle Secure Enterprise Search or Ultrasearch
- Oracle Spatial
- Query Optimizer
2 of these vulnerabilities are located in APEX and 2 of these 17 are remote exploitable (APEX?).
Tonight Oracle secalert will normally inform the researchers what vulnerabilities will be fixed by the upcoming CPU. It seems that some of our critical vulnerabilities (e.g. Bypass Oracle auditing in all databases) will be fixed next week.
More about the CPU next tuesday night or at HITB 2008 Dubai. Cesar Cerrudo and I will be there.