Paper: Snarfing attacks in Oracle DBMS_XMLGEN applications

• From: <david@xxxxxxxxxxxxxxxxxxxx>
• To: "ORACLE-L" <oracle-l@xxxxxxxxxxxxx>
• Date: Fri, 8 Nov 2013 08:59:20 -0000

Hello all,
I’ve noted a weakness in the way DBMS_XMLGEN generates context handles. Due to 
this weakness it may be possible to gain access to sensitive data using a 
snarfing attack. Of course, this is totally dependent upon the application in 
question. You can get the paper here: 
http://www.davidlitchfield.com/Snarfing_attacks_in_DBMS_XMLGEN_Applications.pdf
Cheers!
David

• Follow-Ups:
  • Re: Paper: Snarfing attacks in Oracle DBMS_XMLGEN applications
    • From: Paresh Yadav

• References:
  • Create Schema
    • From: Raju Angani

Other related posts:

• » Paper: Snarfing attacks in Oracle DBMS_XMLGEN applications - david
• » Re: Paper: Snarfing attacks in Oracle DBMS_XMLGEN applications- Paresh Yadav
• » Re: Paper: Snarfing attacks in Oracle DBMS_XMLGEN applications- david
• » Re: Paper: Snarfing attacks in Oracle DBMS_XMLGEN applications- david

1. Home
2. oracle-l
3. Archive
4. 11-2013

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---