Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security NTBugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Oracle DBMS_ASSERT and the October 2005 CPU

from [NGSSoftware Insight Security Research] Network Security [Permanent Link]
Subject: Oracle DBMS_ASSERT and the October 2005 CPU
Date: Tue, 8 Nov 2005 16:57:07 -0000
Whilst there are problems with the Oracle October 2005 Critical Patch Update, it's not all bad news....

There is a great deal of evidence in this patch that Oracle are beginning to treat security properly. They've introduced a new package PL/SQL package DBMS_ASSERT into the RDBMS. Whilst DBMS_ASSERT was first released as part of the new10g Release 2 it has been packported. Oracle use this package to sanitize user input to help prevent SQL injection. As this package has not been documented NGSResearch have done so aqs we feel that third-party Oracle app developers could benefit by using the package. This, and other papers, can be found at http://www.ngssoftware.com/papers.htm .

Cheers,
The NGSResearch Team

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Oracle DBMS_ASSERT and the October 2005 CPU, NGSSoftware Insight Security Research <=
Previous by Date:  Oracle October 2005 CPU Problems, NGSSoftware Insight Security Research
Next by Date:  High Risk Flaw in RealPlayer, NGSSoftware Insight Security Research
Previous by Thread:  Oracle October 2005 CPU Problems, NGSSoftware Insight Security Research
Next by Thread:  High Risk Flaw in RealPlayer, NGSSoftware Insight Security Research
Indexes:  [Date] [Thread] [Top] [All Lists]