Auditing an Oracle database for security issues is very important. PeteFinnigan.com provides all of the information and tools that you will need Click here for details of PeteFinnigan.com Limited's detailed Oracle database security audit service Click here for details of PeteFinnigan.com Limited's Oracle Security Training Courses
There are 47 visitors online    
Cookie Policy:We only use essential cookies on small sections of this website. For details see here.

Pete Finnigan's Oracle security weblog


Home » Archives » August 2006 » Defcon 2006: Oracle not so "unbreakable"

[Previous entry: "High bidders with low motives"] [Next entry: "Blinded By The Glare Of Facial Piercings At Black Hat (Or, The One That Got Away)"]

Defcon 2006: Oracle not so "unbreakable"

August 9th, 2006 by Pete


Defcon 2006: Oracle not so "unbreakable"

"Las Vegas (NV) - Your company's cleaning staff could be illegally moonlighting as your Oracle database administrator. Alexander Kornbrust, founder and CEO of Red Database Security, says hackers could easily exploit vulnerabilities in Oracle database and gain administrator access. Speaking at the Defcon security convention in Las Vegas, he also explained that administrator passwords are often stored and easily retrieved on company computers.

Kornbrust talked to a packed audience for his Oracle 2.0 rootkits session, but despite the ominous sounding title, he told TG Daily that his purpose was not to show a complete rootkit. "I just want to show how easy it is to gain administrator privileges," said Kornbrust. He believes there are 40 to 50 vulnerabilities, ranging from minor to critical, in Oracle 10G."


August 2006
SMTWTFS
  12345
6789101112
13141516171819
20212223242526
2728293031  

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

Weblog Home
Weblog Archives


Home
Oracle Security Tools page
Oracle security papers
Oracle Security alerts

Web Development
SQL Server Security

RSS 1.0 FEED
RSS 2.0 FEED
Atom 0.3 FEED
Powered by gm-rss 2.0.0


Valid XHTML 1.0!