[Previous entry: "which special characters can be used in Oracle database passwords"] [Next entry: "expired passwords, ORA-01045 and password changes"]
People are now looking for alert 68 exploits!
October 13th, 2004 by Pete
Post to del.icio.us
Post to Furl
I spoke the other day about the recent email from Oracle reminding their customers to apply the patches that fix alert 68. This email also mentioned that Oracle are now aware that some exploits for some of the bugs fixed in alert 68 are now public.
I wanted to emphasise this as I have just seen this morning a post to the comp.databases.oracle.server newsgroup where someone is asking about the availability of additional information about these bugs. This type of request is not the first I have seen on mailing lists and newsgroups. If this increases or the information becomes more readily available then some companies are going to have problems. Exploits are not just used by internet based hackers they can also be used internally by employees.
Apply the patches soon if you have not done so already.
