There's a new vulnerability discovered in the Oracle Internet Directory (Oracle's LDAP server). It has been in the database since 7/16, but I haven't seen it mentioned here yet. Here are links to the details of the advisory: "Oracle Internet Directory contains multiple vulnerabilities in LDAP handling code" http://www.kb.cert.org/vuls/id/869184 http://www.securityfocus.com/bid/3047 http://otn.oracle.com/deploy/security/pdf/oid_cert_bof.pdf Regards, Aaron C. Newman CTO/Founder Application Security, Inc. 212-490-6022 anewmanat_private www.appsecinc.com -Protection Where It Counts-
This archive was generated by hypermail 2b30 : Fri Jul 20 2001 - 10:59:11 PDT