Deprecated: The each() function is deprecated. This message will be suppressed on further calls in /home/zhenxiangba/zhenxiangba.com/public_html/phproxy-improved-master/index.php on line 456
[FD] Oracle Data Redaction is Broken

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FD] Oracle Data Redaction is Broken

To: <fulldisclosure@xxxxxxxxxxxx>
Subject: [FD] Oracle Data Redaction is Broken
From: <david@xxxxxxxxxxxxxxxxxxxx>
Date: Wed, 16 Jul 2014 13:46:19 +0100

Hey all,

As part of yesterday’s Critical Patch Update, Oracle fixed 3 security flawsin data redaction services – one a privilege escalation vulnerability andtwo redaction bypass methods. I reported these issues to Oracle in Novemberlast year and have documented them here:http://www.davidlitchfield.com/Oracle_Data_Redaction_is_Broken.pdf

Cheers,

David


_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Prev by Date: [FD] Mining website blacklists
Next by Date: Re: [FD] Is the era of ezine txt files over?
Previous by thread: Re: [FD] Mining website blacklists
Next by thread: [FD] Call for Paper - NOPcon 2014 - Istanbul, Turkey
Index(es):
- Date
- Thread