[Previous entry: "An example of using DBMS_CRYPTO"] [Next entry: "Exploit circulating for newly patched Oracle bug - It can crash an unpatched database server"]
Researcher: Oracle Patch Set Flawed Again
October 21st, 2005 by Pete
Post to del.icio.us
Post to Furl
I saw a good news article on EWeek yesterday and made a note of it. The article is by Lisa Vaas and is titled "Researcher: Oracle Patch Set Flawed Again". It talks about David Litchfield’s claims that after reviewing the CPU Oct 2005 patch set that some of the bugs he reported are still exploitable. It is not clear whether he means that the actual bugs are not fixed or that the same general issue is still exploitable elsewhere in the same packages. Or could it be a combination of both scenarios. Lisa says that David is still investigating.
