[dbsec] Cursor snarfing - a new class of vulnerability and attack in Oracle

  • From: "David Litchfield" <davidl@xxxxxxxxxxxxxxx>
  • To: <bugtraq@xxxxxxxxxxxxxxxxx>, <dbsec@xxxxxxxxxxxxx>
  • Date: Mon, 27 Nov 2006 08:36:39 -0000

Hey all,
I've just written a paper detailing a fairly common PL/SQL programming error related to cursors that leads to a new class of vulnerability in Oracle. You can get a copy of the paper from http://www.databasesecurity.com/ .
David Litchfield
NGSSoftware Ltd
+44(0) 208 401 0070

Other related posts: