Oracle Bug Database Susceptible to 'Metalink Hacking'

May 27, 2005

[From eWeek]

The Oracle security research firm Red Database Security GmbH has found 42 bugs, some serious, in Oracle Corp.'s Metalink knowledge base, and determined that it's possible to search Oracle's bug database for customer e-mails, used configurations, test cases and other sensitive information in a foray similar to "Google hacking."

The article continues at http://www.eweek.com/article2/0,1759,1821232,00.asp?kc=enews052705dtx1k0000599