bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Cursor snarfing - a new class of vulnerability and attack in Oracle

from [David Litchfield] [Permanent Link][Original]
To: <bugtraq@securityfocus.com>, <dbsec@freelists.org>
Subject: Cursor snarfing - a new class of vulnerability and attack in Oracle
From: "David Litchfield" <davidl@ngssoftware.com>
Date: Mon, 27 Nov 2006 08:36:39 -0000
Delivered-to: sp-com-lists@consult.net
Delivered-to: bugtraq-list@securepoint.com
Delivered-to: mailing list bugtraq@securityfocus.com
Delivered-to: moderator for bugtraq@securityfocus.com
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@securityfocus.com; run by ezmlm 
Hey all,
I've just written a paper detailing a fairly common PL/SQL programming error related to cursors that leads to a new class of vulnerability in Oracle. You can get a copy of the paper from http://www.databasesecurity.com/ . 
Cheers,
David Litchfield
NGSSoftware Ltd
+44(0) 208 401 0070
http://www.ngssoftware.com/
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • Cursor snarfing - a new class of vulnerability and attack in Oracle, David Litchfield <=
Previous by Date:  2nd European Conference on Computer Network Defense (EC2ND), Blyth A J C (AT)
Next by Date:  AIDE problem handling symlinks, fryxar fryxar
Previous by Thread:  2nd European Conference on Computer Network Defense (EC2ND), Blyth A J C (AT)
Next by Thread:  AIDE problem handling symlinks, fryxar fryxar
Indexes:  [Date] [Thread] [Top] [All Lists]