RE: CVE-2012-1675 (Oracle 11gR2 RAC) - Actual Risk?

  • From: "Allen, Brandon" <Brandon.Allen@xxxxxxxxxxx>
  • To: "andrew.kerber@xxxxxxxxx" <andrew.kerber@xxxxxxxxx>, "dbmangler@xxxxxxxxx" <dbmangler@xxxxxxxxx>, "oracle-l@xxxxxxxxxxxxx" <oracle-l@xxxxxxxxxxxxx>
  • Date: Wed, 13 Jun 2012 19:43:35 +0000

I'm not a security expert, but it seems to me there's a significant chance that 
an attacker may be behind your firewall as well - either authorized (e.g. a 
malicious employee, consultant, customer, or other trusted party) or 
unauthorized (a hacker).


-----Original Message-----
From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On 
Behalf Of Andrew Kerber

I am in agreement that the actual risk is fairly limited for most instances 
since everyone is behind a firewall these days


Privileged/Confidential Information may be contained in this message or 
attachments hereto. Please advise immediately if you or your employer do not 
consent to Internet email for messages of this kind. Opinions, conclusions and 
other information in this message that do not relate to the official business 
of this company shall be understood as neither given nor endorsed by it.

Other related posts: