ID: IRCNE2012071565
Date: 2012-07-28
According to "computerworld", visitors to the Black Hat security conference in Las Vegas have seen renown expert David Litchfield score again against Oracle’s database by demonstrating an exploit that would allow him to take control as an administrator.
Litchfield, chief security architect at Accuvant Labs, demoed what he called the PWNORACLE exploit against the Oracle 11g database. In 2010 at a Black Hat event, Litchfield showed how to subvert security in the 11g database by exploiting zero-day vulnerabilities.
Litchfield said he has already reported the vulnerability he discovered to Oracle and thought they would have fixed it by now.
Still, the recent push from Anonymous to break into databases means that security managers need to understand how hackers break in, Litchfield said.
- 2