In association with heise online

« previous | next »
14 January 2009, 09:25

Numerous security updates from Oracle

Oracle has released its Critical Patch Update (CPU) for January 2009, fixing a total of 41 vulnerabilities in many of its products. Twenty of the vulnerabilities are found in Oracle's database products, while others are found in Oracle's Secure Backup and TimesTen DataServer. Some of the holes in Secure Backup are classified as critical as they are remotely exploitable without authentication.

According to Alexander Kornbrust of Red Database Security, one of the database holes (CVE-2008-5437) allows a user with execute privileges on dbms_ijob to circumvent Oracle Auditing completely, allowing data to be changed with no record of the changes being logged.

For a complete overview of the holes and affected products, see the patch advisory from Oracle.

See also:

(djwm)

Add your comment

« previous | next »
Print Version | Send by email | Permalink: http://h-online.com/-739661

Also on The H:

  • Share this article
  • Twitter
  • Facebook
  • digg this
  • submit to slashdot
  • post to delicious
  • StumbleUpon
  • submit to reddit
The H Open Headlines

Price Insight Top 10 powered by Skinflint

  1. Samsung SSD 830 Series 128GB
  2. Samsung SSD 830 Series 256GB
  3. Samsung SSD 830 Series Desktop Upgrade Kit 256GB
  4. Intel Core i5-3570K
  5. Samsung Galaxy S3 i9300 16GB blau
  6. Crucial m4 SSD 128GB
  7. Gigabyte GeForce GTX 670 OC
  8. Palit GeForce GTX 670
  9. Diablo 3 (deutsch)
  10. Samsung Galaxy Nexus i9250 16GB silber

The H

The H open source

The H Security

The H Internet Toolkit