New hacker trick may expose Oracle databases


A new attack technique increases the risk of commonly found bugs in Oracle's database software, a security researcher has warned.

It was previously thought that an attacker needed high-level privileges on the database to exploit so-called PL SQL injection vulnerabilities. With a new attack technique, that's no longer true, David Litchfield, a database security expert with NGS Software, said on Thursday at the Black Hat DC event here. New hacker trick may expose Oracle databases | CNET News.com

Linked by shanmuga Friday, 2nd March 2007 12:00AM