Oracle Corporation said the they want to make their product is "unbreakable" and they did realize their promise as they release their well-known database product, Oracle Database 10g and heading for their next release, Oracle 11. But is it true that they are unbreakable? Some mailing list that i subscribed to has discussed some vulnerability that exists on one of the Oracle products.
I recently found an advanced SQL Injection in Oracle Database tutorial on this page via RSS News. Here is a small note on the page:
"This presentation is about new ways to exploit SQL Injection vulnerabilities in Oracle Databases. It shows, with working examples, many ways in that the Oracle database security could be bypassed and how to protect from these threats. It is based on the presentation that Esteban Martínez Fayó gave at G-con III conference (Mexico City), with new material and larger explanations."
You can download the file (312 KB). The zip file includes the presentation (in PDF format) and the example files. Or, you can download individual file by visiting their page
No comments:
Post a Comment