|
Oracle Products Multiple Vulnerabilities
|
|
Secunia Advisory:
|
SA32291
|
|
|
Release Date:
|
2008-10-15
|
|
Last Update:
|
2008-11-12
|
|
Popularity:
|
9,884 views
|
|
|
Critical:
|
Moderately critical
|
|
Impact:
|
Unknown
Security Bypass
Brute force
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | JD Edwards EnterpriseOne Tools 8.x
Oracle Application Server 10g
Oracle Database 10.x
Oracle Database 11.x
Oracle E-Business Suite 11i
Oracle E-Business Suite 12.x
Oracle PeopleSoft Enterprise Portal Solutions 8.x
Oracle9i Database Enterprise Edition
Oracle9i Database Standard Edition
PeopleSoft PeopleTools 8.x
|
|
|
Secunia CVSS-2 Score:
|
Available in Secunia business solutions 
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
| Advisory Content (Page 2 of 3) | [ 1 ] [ 2 ] [ 3 ] | |
|
Solution:
Apply patches (see the vendor's advisory).
Provided and/or discovered by:
The vendor credits:
* Esteban Martinez Fayo, Application Security, Inc.
* Pete Finnigan
* Tony Fogarty, DNV
* guyp, Sentrigo
* Jack Kanter, Integrigy
* Joxean Koret
* Alexander Kornbrust, Red Database Security
* Slavik Markovich, Sentrigo
* Amichai Shulman, Imperva, Inc.
* Chris Valasek, IBM Corp.
1) Yaniv Azaria, Imperva
Changelog:
2008-10-20: Updated "Description" and "Original Advisory" sections.
2008-10-21: Updated credits section.
2008-10-23: Added vulnerability #3 to "Description" section. Added link to "Original Advisory" section.
2008-11-12: Updated "Description" and "Original Advisory" sections with additional information from Application Security, Inc.
Original Advisory:
Oracle:
http://www.oracle.com/technology/depl...ritical-patch-updates/cpuoct2008.html
Amichai Shulman, Yaniv Azaria:
http://lists.grok.org.uk/pipermail/full-disclosure/2008-October/065146.html
http://lists.grok.org.uk/pipermail/full-disclosure/2008-October/065147.html
Pete Finnigan:
http://www.petefinnigan.com/Advisory_CPU_Oct_2008.htm
Application Security, Inc:
http://www.appsecinc.com/resources/alerts/oracle/2008-08.shtml
http://www.appsecinc.com/resources/alerts/oracle/2008-09.shtml
http://www.appsecinc.com/resources/alerts/oracle/2008-10.shtml
http://www.appsecinc.com/resources/alerts/oracle/2008-11.shtml
Change Page:
[ 1 ] [ 2 ] [ 3 ]
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
Today
|
New advisories:
|
6 |
|
New vulnerabilities:
|
23 |
|
Updated advisories:
|
66 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
6th Nov, 2009
|
New advisories:
|
17 |
|
New vulnerabilities:
|
65 |
|
Updated advisories:
|
21 |
|
|
|
|
|
|
|
|
|
|
|
|
|
 Solutions | More...
|
|
