[Previous entry: "High bidders with low motives"] [Next entry: "Blinded By The Glare Of Facial Piercings At Black Hat (Or, The One That Got Away)"]
Defcon 2006: Oracle not so "unbreakable"
August 9th, 2006 by Pete
Post to del.icio.us
Post to Furl
Defcon 2006: Oracle not so "unbreakable"
"Las Vegas (NV) - Your company's cleaning staff could be illegally moonlighting as your Oracle database administrator. Alexander Kornbrust, founder and CEO of Red Database Security, says hackers could easily exploit vulnerabilities in Oracle database and gain administrator access. Speaking at the Defcon security convention in Las Vegas, he also explained that administrator passwords are often stored and easily retrieved on company computers.
Kornbrust talked to a packed audience for his Oracle 2.0 rootkits session, but despite the ominous sounding title, he told TG Daily that his purpose was not to show a complete rootkit. "I just want to show how easy it is to gain administrator privileges," said Kornbrust. He believes there are 40 to 50 vulnerabilities, ranging from minor to critical, in Oracle 10G."
