Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISN] Database flaws more risky than thought

from [InfoSec News] Network Security [Permanent Link]
Subject: [ISN] Database flaws more risky than thought
Date: Fri, 24 Dec 2004 02:16:44 -0600 (CST) 
http://news.com.com/Database+flaws+more+risky+than+thought/2100-1002_3-5502538.html

By Robert Lemos 
Staff Writer, CNET News.com
December 23, 2004

Details of multiple security flaws in Oracle and IBM databases have
been released by the security company that found them.

The flaws, which were described in general terms in August and
September by Next-Generation Security Software, could allow an
attacker to remotely compromise servers running the database programs.  
Security company Symantec raised its Internet threat rating of the
flaws to 2 from 1, based on the details released on Thursday.

NGSSoftware gave users of the databases more than three months to fix
their systems when it announced its discovery of the flaws. Oracle has
already released patches for the 10 vulnerabilities affecting its 9i
database, and IBM has issued fixes for two flaws in DB2 versions 7 and
8.1.

"Some of these are more serious than others," said David Litchfield, a
security researcher and co-founder of U.K.-based NGSSoftware. "Most of
these vulnerabilities can be exploited remotely."

The advisories can be found on NGSSoftware's Web site.



_________________________________________
Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - 
http://www.osvdb.org/
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISN] Database flaws more risky than thought, InfoSec News <=
Previous by Date:  [ISN] Secunia Weekly Summary - Issue: 2004-52, InfoSec News
Next by Date:  [ISN] Army focuses on cyber protection, InfoSec News
Previous by Thread:  [ISN] Secunia Weekly Summary - Issue: 2004-52, InfoSec News
Next by Thread:  [ISN] Army focuses on cyber protection, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]