Re: PeteFinnigan.com Oracle advisory for bugs in dbms_scheduler (alert #68)

"GovindanK" <gkatteri@xxxxxxxxxxx> · Thu, 02 Sep 2004 14:49:30 -0700

http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf
You can see ref. to Pete's link
HTH

GovindanK
Oracle Certified Professional

On Thu, 2 Sep 2004 08:33:18 -0400, "Jonathan Gennick"
<jonathan@xxxxxxxxxxx> said:
> This alert apparently covers several flaws. I'm actually
> taken-aback by how long it's taken Oracle to respond to the
> one Pete and I uncovered back in March, which let's you
> leverage the new scheduler to gain access to the Oracle
> user, and thence to grant yourself DBA privileges.
> 
> Best regards,
> 
> Jonathan Gennick --- Brighten the corner where you are
> http://Gennick.com * 906.387.1698 * mailto:jonathan@xxxxxxxxxxx
> 
> Join the Oracle-article list and receive one
> article on Oracle technologies per month by 
> email. To join, visit
> http://five.pairlist.net/mailman/listinfo/oracle-article, 
> or send email to Oracle-article-request@xxxxxxxxxxx and 
> include the word "subscribe" in either the subject or body.
> 
> 
> Wednesday, September 1, 2004, 3:06:15 PM, Pete Finnigan
> (oracle_list@xxxxxxxxxxxxxxxxxxxxxxxxx) wrote:
> PF> Hi everyone,
> 
> PF> Oracle released last night alert #68 covering fixes for many security
> PF> bugs in Oracle. PeteFinnigan.com found security bugs in the new 10gR1
> PF> scheduler functionality. Our security advisory can be found at
> PF> http://www.petefinnigan.com/alerts.htm
> 
> PF> Kind regards
> 
> PF> Pete
> 
> ---
> To unsubscribe -
> mailto:oracle-l-request@xxxxxxxxxxxxx&subject=unsubscribe 
> To read recent messages - //freelists.org/archives/oracle-l/09-2004
---
To unsubscribe - mailto:oracle-l-request@xxxxxxxxxxxxx&subject=unsubscribe 
To read recent messages - //freelists.org/archives/oracle-l/09-2004

Other related posts: