Oracle Warns Of Critical Exploits
Critical Oracle Corp. technology vulnerabilities have been publicly exploited, the company advised in a recent security update that urged users to apply the patches contained in its Security Alert 68.
Source: eWeek"Oracle is aware of public exploits (as indicated in the latest version of the alert) for several of the vulnerabilities, and more exploits may be created," the company said in the e-mail alert. "Security Alert 68 is a critical security update and should be applied as soon as possible." The vulnerabilities were addressed in the Redwood Shores, Calif., company's first monthly patch rollup, which was released on Aug. 31. At the time this story was posted, Oracle had not returned phone calls seeking details of the exploits. The vulnerabilities in question, however, included the potential for buffer overflow attacks, SQL injection techniques for gaining access to Oracle databases, and the ability for a remote attacker to take advantage of a known, default user account and password.
0