It's starting to look like an epidemic: PC World is reporting that a security expert has found 'Stupid Holes' in Oracle 11g. Check out more from PC World in their article, 'Stupid' Holes Reported in Oracle 11g. They report:
"Oracle made big progress with 11g, but some of the vulnerabilities I've found so far in 11g are stupid programming errors," said Alexander Kornbrust, managing director of Red Database Security GmbH, during an interview at the Hack In The Box (HITB) Security Conference 2007 in Kuala Lumpur, Malaysia.
"Oracle must educate their own development team because they should normally avoid these simple security vulnerabilities," Kornbrust said.
I'm starting to wonder if there isn't a more systemic cause to all the recent programming problems the industry has experienced. Perhaps it is financial pressure that causes programming staffs to rush applications out the door, or maybe the new methodologies are not being implemented as envisioned. Whatever the reason, we need to take a look at what we are doing in our own application teams and try our best not to allow our applications to add to my list of application failures.