[Owasp-delhi] Black Hat: Zero-day hack of Oracle 11g database revealed

Piyush Maharishi piyush.maharishi at gmail.com
Thu Feb 4 09:37:11 EST 2010


*IDG News Service:* A well-known security researcher yesterday showed how to
subvert security in the Oracle 11g database by exploiting zero-day
vulnerabilities that would let a savvy user gain full and complete control.

David Litchfield, a researcher at NGS Consulting, demonstrated how a user
can subvert security to elevate his privileges to take complete control over
Oracle 11g and also showed how to bypass the Oracle Label Security used to
set mandatory access controls over information depending on security level.



For More Details:

http://news.idg.no/cw/art.cfm?id=94A37C9E-1A64-67EA-E4904A595E1FAF9C



Thanks and Regards

*Piyush Maharishi*

Mobile: +91-981-820-7473

Email: piyush.maharishi at gmail.com

www.fiserv.com



"The real voyage of discovery consists not in seeking new landscapes but in
having *New Eyes*"

**
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-delhi/attachments/20100204/4282047c/attachment.html 


More information about the Owasp-delhi mailing list