Pete Finniganpete\@petefinnigan.comCopyright PeteFinnigan.com Ltd 2005, All rights reserved. All trademarks are the property of their respective owners and are hereby acknowledgedtag:www.petefinnigan.com,2008-05-16:%2Fweblog%2Farchives%2F00001172.htmPete Finniganpete\@petefinnigan.com <p> I noticed today that Howard's Dizwell-Oracle Reliable Installation Script (DORIS) version 1.0a shell script is available again for download. This is a useful script and great for installing Oracle on Linux without resorting to reading loads of "how-to" sites. Howard....<a href="http://www.petefinnigan.com/weblog/archives/00001172.htm">[Read More]</a> </p> <p>Posted by Pete On 16/05/08 At 07:50 PM</p>2008-05-16T20:52:04Z2008-05-16T20:52:04ZHoward's DORIS script is available again - some security comments from metag:www.petefinnigan.com,2008-05-16:%2Fweblog%2Farchives%2F00001171.htmPete Finniganpete\@petefinnigan.com <p> I posted a couple of days ago a link to an almost certain hoax of a license plate of a red mini that had been altered to include SQL Injection. This was in a post titled License Plate SQL Injection....<a href="http://www.petefinnigan.com/weblog/archives/00001171.htm">[Read More]</a> </p> <p>Posted by Pete On 15/05/08 At 09:02 PM</p>2008-05-16T20:52:04Z2008-05-16T20:52:04ZLicense Plate scanners and SQL Injectiontag:www.petefinnigan.com,2008-05-16:%2Fweblog%2Farchives%2F00001170.htmPete Finniganpete\@petefinnigan.com <p> I would recommend anyone that is interested in securing their Oracle database to subscribe to some of the major security lists such as the bugtraq list at securityfocus.com or the full disclosure list. There are plent more besides these, but....<a href="http://www.petefinnigan.com/weblog/archives/00001170.htm">[Read More]</a> </p> <p>Posted by Pete On 14/05/08 At 07:42 PM</p>2008-05-16T20:52:04Z2008-05-16T20:52:04ZOracle Application Server 10g ORA_DAV basic authentication bypasstag:www.petefinnigan.com,2008-05-16:%2Fweblog%2Farchives%2F00001169.htmPete Finniganpete\@petefinnigan.com <p> Wow, its been a while since I posted, I have been travelling all over the world over the last month or so, teaching my Oracle security class and also speaking at conferences and performing Oracle security audits. It's been a....<a href="http://www.petefinnigan.com/weblog/archives/00001169.htm">[Read More]</a> </p> <p>Posted by Pete On 13/05/08 At 07:38 PM</p>2008-05-16T20:52:04Z2008-05-16T20:52:04ZLicense plate SQL Injectiontag:www.petefinnigan.com,2008-05-16:%2Fweblog%2Farchives%2F00001168.htmPete Finniganpete\@petefinnigan.com <p> I have posted the slides to my talk from yesterday at the OUG Scotland SIG to my Oracle Security white papers page . They are the first entries in the page. The talk was 45 minutes about Oracle Forensics. This....<a href="http://www.petefinnigan.com/weblog/archives/00001168.htm">[Read More]</a> </p> <p>Posted by Pete On 01/05/08 At 02:23 PM</p>2008-05-16T20:52:04Z2008-05-16T20:52:04ZSlides from OUG Scotland DBA SIG on Oracle Forensics availabletag:www.petefinnigan.com,2008-05-16:%2Fweblog%2Farchives%2F00001167.htmPete Finniganpete\@petefinnigan.com <p> I saw a post on the BAR Solutions blog today titled " Triggers… " that was very interesting as I have had the same issue in the past for different reasons. The blog post was around an issue where triggers....<a href="http://www.petefinnigan.com/weblog/archives/00001167.htm">[Read More]</a> </p> <p>Posted by Pete On 01/05/08 At 01:22 PM</p>2008-05-16T20:52:04Z2008-05-16T20:52:04ZConditionally firing triggerstag:www.petefinnigan.com,2008-05-16:%2Fweblog%2Farchives%2F00001166.htmPete Finniganpete\@petefinnigan.com <p> I am writing this whilst sat on a train travelling at around 120mph between York and Darlington, this is probably my first blog entry written at speed! I saw that David had released his paper " Lateral SQL Injection: A....<a href="http://www.petefinnigan.com/weblog/archives/00001166.htm">[Read More]</a> </p> <p>Posted by Pete On 30/04/08 At 08:26 AM</p>2008-05-16T20:52:04Z2008-05-16T20:52:04ZLateral SQL Injection and Conferences and security trainingtag:www.petefinnigan.com,2008-05-16:%2Fweblog%2Farchives%2F00001165.htmPete Finniganpete\@petefinnigan.com <p> I was over in Norway this week and the Oracle User Group Norway (OUGN) asked me to speak at an evening user group meeting of theirs. This was a eally friendly group and it was a pleasure to speak there....<a href="http://www.petefinnigan.com/weblog/archives/00001165.htm">[Read More]</a> </p> <p>Posted by Pete On 25/04/08 At 05:58 PM</p>2008-05-16T20:52:04Z2008-05-16T20:52:04ZSlides from OUGN Norway and RISK 2008 Norway availabletag:www.petefinnigan.com,2008-05-16:%2Fweblog%2Farchives%2F00001164.htmPete Finniganpete\@petefinnigan.com <p> Oracle's pre-patch advisory note for the next Critical Patch Update (CPU) due this Tuesday (15th) states that there are 17 new security fixes for the database, two for Apex and two of which are remotely exploitable without authentication. The advisory....<a href="http://www.petefinnigan.com/weblog/archives/00001164.htm">[Read More]</a> </p> <p>Posted by Pete On 14/04/08 At 10:17 AM</p>2008-05-16T20:52:04Z2008-05-16T20:52:04ZTwo remotely exploitable without authentication bugs to be fixedXML::Atom::SimpleFeed2008-05-16T20:52:04ZPeteFinnigan.com's weblog is the only weblog dedicated to Oracle security.Pete Finnigan's Oracle security weblog