Call: +44 (0)1904 557620 Call
Blog

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Some fight back on Oracle security bugs - old news article"] [Next entry: "Josh has released a paper about the Oracle password algorithm"]

Flaw hunters pick holes in Oracle patches



I found a good article by Joris Evers tonight on ZD Net about Oracle security. Alex also emailed a link to me so its popular!. The article is titled "Flaw hunters pick holes in Oracle patches". It is a four page article and it explores the latest patch from Oracle. David Litchfield has been analysing the patch and has found some holes in it. He is calling for an overhaul of the Oracle patching process. The news item explores the whole process of Oracles patch mechanism and includes comments on both sides of the arguments. It is a very good paper.