Full Disclosure: Oracle exploit? Where's the beef?

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Oracle exploit? Where's the beef?

From: Mark Shirley <mshirley () gmail com>
Date: Wed, 1 Sep 2004 11:34:32 -0400

Does anyone know anything further about the new oracle exploit? It
seems no one is saying shit about it other then "it's bad, it affects
everything, patch patch patc".

This is the only url i could find that has anything remotely interesting.

http://www.ciac.org/ciac/bulletins/o-209.shtml

VULNERABILITY ASSESSMENT:  Oracle rates this as a HIGH. "Exploiting
some of the vulnerabilities requires network access, but no valid user
account."

Typical response from oracle,  "DAMAGE:  Oracle does not give
descriptions of the vulnerabilities on this alert."

Remote exploits are bad mmkay.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

By Date By Thread

Current thread:

Oracle exploit? Where's the beef? Mark Shirley (Sep 01)
- Re: Oracle exploit? Where's the beef? 3APA3A (Sep 01)