Researcher Bares Oracle Zero Day Flaw at Black Hat


British security researcher David Litchfield used the spotlight of the Black Hat Federal Briefings here to call attention to a gaping flaw in the Oracle PL/SQL Gateway that remains unpatched three months after it was first reported to the database server giant.

In a rare departure from his company's policy of withholding technical details on unpatched vulnerabilities, Litchfield provided a blow-by-blow demonstration of an exploit that could be used to gain full database administrator control of the back-end database server. Researcher Bares Oracle Zero-Day Flaw at Black Hat

Linked by shanmuga Wednesday, 25th January 2006 10:42PM