Most Popular Stories
Events
- CTO Telecom Summit – May 31-Jun 3, 2009
May 31 - June 3, 2009 — Scottsdale, AZ - Four Seasons
Sponsored Links
Free Newsletter
Latest News
Popular Topics
Whitepapers
- The ECM Paradox: Extending Local Flexibility to Strengthen Central Control
- Service Oriented Architecture
- IT Service Management: Aligning IT and Business Goals for the High-Performance Hospital
- The Definitive IP Address Management (IPAM) Intelligence Whitepaper
- IM and Presence: Achieving Mission Critical Status in the Enterprise
- Using IWR to Cut Labor Costs Without Outsourcing
Oracle exploits coming at Black Hat DC 2007
Looks like Oracle is going to be taken to task for security yet again. At Black Hat DC 2007, starting tomorrow here in the nation's capital, major Oracle exploits are set to be unveiled during two Oracle-centric presentations: "Advanced Oracle Attack Techniques" with security researcher David Litchfield and "Practical 10 Minute Security Audit: The Oracle Case" with Argeniss founder Cesar Cerrudo. Black Hat has long been a thorn in Oracle's side; many of you will recall that Litchfield revealed an unpatched Oracle flaw at Black Hat 2006 that drew the database company's ire. Cerrudo is expected to release "at least one zero-day vulnerability and exploit code," while Litchfield is set to demonstrate a new exploit based on a recently published security paper that's making waves in the security community. "Any new buffer overflow vulnerability does nothing to further the knowledge base of the security community, and it only serves to increase risk [to users]," Lindstrom said. "In cases where there are entire new classes of attack, where you're learning a whole new technique, rather than throwing a whole lot of data at a process and waiting for it to break--which everyone and their grandmother could do--…you're learning about new ways in which applications can be exploited."
For more on the coming exploits:
- see this eWeek article
Related Stories
- Windows flaw gets critical, patch coming tomorrow
- New Microsoft Word zero-day attack on the loose
- Zero-day bugs remain after Microsoft Patch Tuesday
- Vista exploits for sale
- Hackers exploiting unpatched Windows DNS bug
- Mozilla to issue workaround for .ANI bug
- Firefox 2/IE 7 animated cursor exploit on the way
- Symantec: Vista vulnerable to legacy exploits
- Mac OS X to get its own zero-day response team?
- Vista exploit: Annoying MySpace pages a threat?
Comments
Post new comment
Home
| Subscribe | Advertise | RSS |
Privacy
| Site MapTHE FIERCEMARKETS NETWORKFierceFinance | FierceFinanceIT | FierceSarbox | FierceHealthcare | FierceHealthFinance | FierceHealthIT | Hospital Impact | FierceCIO | FierceCIO:TechWatch | FierceContentManagement | FierceMobileIT | FierceBiotech | FierceBioResearcher | FiercePharma | FierceVaccines | FierceIPTV | FierceOnlineVideo | FierceTelecom | FierceVoIP | FierceBroadbandWireless | FierceDeveloper | FierceMobileContent | FierceWireless | FierceWireless:Europe© 2008 FierceMarkets, Inc. All rights reserved. |
![]() |





