Fundamental Oracle Flaw Revealed

Oracle has released a set of security patches to address a basic design problem in its flagship database.

InfoWorld: A couple of months ago, an anonymous tip revealed a fundamental design flaw in the flagship Oracle database. Today, Oracle is releasing a patch for the bug, but experts warn that any unpatched databases will be vulnerable to malicious attacks.

Follow the link above for a detailed explanation of the problem. The article advises, "The next step for Oracle admins is to inspect the SCN values of their databases. Following that, the application of the hot-backup patch is crucial, as are the follow-up patches that address the ability to arbitrarily increase the SCN value through administrative commands. However, since patches exist only for newer versions of the database, there may be no other option for older databases than to upgrade."

Tags: database, Oracle, security vulnerability

0 Comments (click to add your comment)
Comment and Contribute


(Maximum characters: 1200). You have characters left.