Database Journal
MS SQL Oracle DB2 Access MySQL PostgreSQL Sybase PHP SQL Etc SQL Scripts & Samples Links Database Forum

» Database Journal Home
» Database Articles
» Database Tutorials
MS SQL
Oracle
DB2
MS Access
MySQL
» RESOURCES
Database Tools
SQL Scripts & Samples
Links
» Database Forum
» Sitemap
Free Newsletters:
DatabaseDaily  
News Via RSS Feed


follow us on Twitter
Database Journal |DBA Support |SQLCourse |SQLCourse2
 

Posted Feb 4, 2010

Oracle database; not so "unbreakable" as one would think

By DatabaseJournal.com Staff

At a recent security conference, David Litchfield, researcher at NGS Consulting, offered up a demonstration that exposed how a user could bypass Oracle Label Security and take complete control over an Oracle 11g database—granting himself system level privileges.

And while Litchfield has devoted ample time finding such security vulnerabilities in Oracle, Litchfield is reportedly moving on to other pastures—possibly computer forensics. Leaving on a high note, Litchfield grades Oracle with a B+ for security in the current Oracle 11g database but also added he thought Oracle was placing too much of the responsibility of security on third-party security tools.

View Article

Daily News Archives

Comment and Contribute

 


(Maximum characters: 1200). You have characters left.