[<prev] [next>] [day] [month] [year] [list]
Message-ID: <004401c711ff$28f954f0$4001a8c0@ngssoftware.com>
Date: Mon, 27 Nov 2006 08:36:39 -0000
From: "David Litchfield" <davidl@...software.com>
To: <bugtraq@...urityfocus.com>, <dbsec@...elists.org>
Subject: Cursor snarfing - a new class of vulnerability and attack in Oracle
Hey all,
I've just written a paper detailing a fairly common PL/SQL programming error
related to cursors that leads to a new class of vulnerability in Oracle. You
can get a copy of the paper from http://www.databasesecurity.com/ .
Cheers,
David Litchfield
NGSSoftware Ltd
+44(0) 208 401 0070
http://www.ngssoftware.com/
Powered by blists - more mailing lists