Re: [Full-Disclosure] Oracle exploit? Where's the beef?
Date: Wed Sep 01 2004 - 12:22:51 EDT
Dear Mark Shirley,
http://www.security.nnov.ru/search/document.asp?docid=6697 No details
released yet by NGSSoftware
--Wednesday, September 1, 2004, 7:34:32 PM, you wrote to full-disclosure@lists.netsys.com:
MS> Does anyone know anything further about the new oracle exploit? It
MS> seems no one is saying shit about it other then "it's bad, it affects
MS> everything, patch patch patc".
MS> This is the only url i could find that has anything remotely interesting.
MS> http://www.ciac.org/ciac/bulletins/o-209.shtml
MS> VULNERABILITY ASSESSMENT: Oracle rates this as a HIGH. "Exploiting
MS> some of the vulnerabilities requires network access, but no valid user
MS> account."
MS> Typical response from oracle, "DAMAGE: Oracle does not give
MS> descriptions of the vulnerabilities on this alert."
MS> Remote exploits are bad mmkay.
MS> _______________________________________________
MS> Full-Disclosure - We believe in it.
MS> Charter: http://lists.netsys.com/full-disclosure-charter.html
-- ~/ZARAZA Да, ему чертовски повезло. Эх и паршиво б ему пришлось если бы он выжил! (Твен) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.htmlReceived on Wed Sep 01 13:36:01 2004
This archive was generated by hypermail 2.1.8 : Wed Sep 01 2004 - 14:01:15 EDT
