Tag: Security
-
Oracle Critical Patch Update October 2010
The Oracle Critical Patch Update October 2010 is out, see the Oracle Security Blog for commentary. Of the 9 Database related vulnerabilities, 7 do not apply if you are on the latest patchset on 10gR2 or 11gR2, a much higher than usual number, and hopefully a good sign for what’s to come.… Continued
-
Project Lockdown updated for 11gR2
Arup Nanda finally updated his Project Lockdown series of Oracle Security articles for 11gR2. Definitely worth a read (and I’m surprised I can’t find an article on my blog about the first version of Project Lockdown – must’ve happened during a low-impact-blogging phase).… Continued
-
Oracle CPU July 2010
Oracle’s Critical Patch Update July 2010 is out, with two easy to exploit DoS vulnerabilities in the Database network stack (although one on Windows only), and one critical vulnerability in the OLAP component – let’s just hope that this one opens the DB for attack if OLAP is actually linked in… because I guess most people’s Oracle will not have OLAP built in.… Continued
-
Oracle CPU July 2010 Pre-Release
Oracle’s Critical Patch Update Pre-Release Announcement – July 2010 arrived online, and the nice folks at Integrigy already published their standard CPU pre-release analysis.
I’m a bit worried about the number of highly critical Database alerts, four out of six vulnerabilities are remotely exploitable without authentication.… Continued
-
Top 25 Most Dangerous Programming Errors
-
Oracle CPU Dissected
-
DLP Win Wins
-
Training Development Staff in Secure Coding Practices
-
CIS Oracle Database Benchmark