Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISN] Oracle fixes bugs with mega patch

from [InfoSec News] Network Security [Permanent Link]
Subject: [ISN] Oracle fixes bugs with mega patch
Date: Wed, 19 Oct 2005 02:03:36 -0500 (CDT) 
http://news.zdnet.com/2100-1009_22-5900784.html

By Joris Evers
CNET News.com 
Published on ZDNet News
October 18, 2005

Oracle on Tuesday released fixes for a laundry list of security
vulnerabilities in many of its software products.

The "Critical Patch Update," part of Oracle's quarterly patch release
cycle, delivers fixes for 33 flaws in Oracle's Database products, 14
in its Application Server, 13 in the Collaboration Suite, 22 in
E-Business Suite and Applications, four in PeopleSoft's PeopleTools,
and two in JD Edwards software.

Several of the flaws carry Oracle's most serious rating, which means
they are easy to exploit and an attack can have a wide impact,
according to the alert. "The most severe of the vulnerabilities could
possibly expose affected computers to complete compromise," Symantec
said in an alert to users of its DeepSight intelligence service.

Oracle doesn't provide many details in its advisory, which could be a
challenge for users when prioritizing patches, Pete Finnigan, a
security specialist in York, England, wrote on his Weblog. "The
descriptions for all the bugs except for the database section give
nothing away whatsoever," he said.

Oracle has been criticized for dragging its heels on fixing security
flaws and being unresponsive to researchers who find bugs. Oracle's
Chief Security Officer, Mary Ann Davidson, in response said security
researchers can be a problem when it comes to product security.




_________________________________________
InfoSec News v2.0 - Coming Soon! 
http://www.infosecnews.org
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [ISN] Davidson: Lessons of warfare for IT security, InfoSec News
Next by Date:  [ISN] Hacker loses name suppression, InfoSec News
Previous by Thread:  [ISN] Davidson: Lessons of warfare for IT security, InfoSec News
Next by Thread:  Re: [ISN] Oracle fixes bugs with mega patch, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]