[dbsec] Re: Cursor snarfing - a new class of vulnerability and attack in Oracle

  • From: "Andrew Syme" <Andrew.Syme@xxxxxxxxxxxxx>
  • To: <dbsec@xxxxxxxxxxxxx>
  • Date: Mon, 27 Nov 2006 16:37:18 +0800

I am away on a course for the week 2006-11-27 to 2006-12-01. For
database administration concerns contact Razieh Khadembashi,
razieh.khadembashi@xxxxxxxxxxxxx or 9222 4651.

>>> dbsec 11/27/06 16:36 >>>

Hey all,
I've just written a paper detailing a fairly common PL/SQL programming
related to cursors that leads to a new class of vulnerability in Oracle.
can get a copy of the paper from http://www.databasesecurity.com/ .
David Litchfield
NGSSoftware Ltd
+44(0) 208 401 0070

This footnote confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.


Other related posts: