Safe databases are key to security
Those of you hung over from patching Windows XP SP2 can't sleep in just yet. More than 40 vulnerabilities have been reported for Oracle's flagship software products. Holes in the Database Server and its Listener element can be exploited even without a valid user account. The Portal and iSQL*Plus components of Oracle Application Server are similarly vulnerable. The holes in Oracle Enterprise Manager are less severe--they can be exploited only by those with a valid OS-level user account--but other Oracle products, such as the Collaboration and E-Business suites, require full patching.
By Mike Lee at Security Pipeline.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.