February 19th, 2003, 04:27 PM
Security Bugs in Oracle, Lotus Products
i ran across this , Im not sure if it effects any of you out there but i figured id pass on the information
Full story Here
A British security research firm has released a slew of security warnings for flaws in enterprise products from Oracle and IBM's Lotus.
Security advisories from NGSSoftware warned of six serious flaws in components of Oracle's database server software, including four "critical" buffer overrun vulnerabilities.
Oracle has released patches for the flaws, which also affect its newest Oracle 9i Application Server, which is specially designed to integrate with an Oracle backend database server. One of the more serious vulnerabilities is a format string bug that would let an attacker overwrite arbitrary address with arbitrary values and gain complete control of the Web server.
they also issued a fix located Here