Database Journal
MS SQL Oracle DB2 Access MySQL PostgreSQL Sybase PHP SQL Etc SQL Scripts & Samples Links Database Forum

» Database Journal Home
» Database Articles
» Database Tutorials
MS Access
Database Tools
SQL Scripts & Samples
» Database Forum
» Sitemap
Free Newsletters:
News Via RSS Feed

follow us on Twitter
Database Journal |DBA Support |SQLCourse |SQLCourse2

Posted Feb 4, 2010

Oracle database; not so "unbreakable" as one would think

By Staff

At a recent security conference, David Litchfield, researcher at NGS Consulting, offered up a demonstration that exposed how a user could bypass Oracle Label Security and take complete control over an Oracle 11g database—granting himself system level privileges.

And while Litchfield has devoted ample time finding such security vulnerabilities in Oracle, Litchfield is reportedly moving on to other pastures—possibly computer forensics. Leaving on a high note, Litchfield grades Oracle with a B+ for security in the current Oracle 11g database but also added he thought Oracle was placing too much of the responsibility of security on third-party security tools.

View Article

Daily News Archives

Comment and Contribute


(Maximum characters: 1200). You have characters left.