Hi
I regularly check David Litchfields blog (nice review[1]), but there was
nothing like that (I may be wrong of course) since the
DBMS_EXPORT_EXTENSION Injection (package with public execute access;
simply prevented with REVOKE EXECUTE ON SYS.DBMS_EXPORT_EXTENSION FROM PUBLIC FORCE[2-4]
Although there was a myriad of bugs and security flaws with oracle,
I can't remember another sql injection as dramatic as the above
mentioned.
Cheers
[1] http://www.davidlitchfield.com/blog/...s/00000001.htm
[2] http://www.securityfocus.com/archive/1/431353 (Jose
Antonio Coret)
[3] http://lists.grok.org.uk/pipermail/f...il/045540.html (david litchfield)
[4] http://www.securiteam.com/exploits/5FP011FKKK.html and others.
Reply With Quote