Oracle Vulnerability Discovered in OID

• Previous message: George Staikos: "Re: Linux, too, sot of (Windows MS-DOS Device Name DoS vulnerabilities)"
• In reply to: Nick FitzGerald: "Re: [BUGTRAQ] Full analysis of the .ida "Code Red" worm."
• Next in thread: Dave Lee: "RE: Oracle Vulnerability Discovered in OID"
• Next in thread: Jerome Alet: "Re: [BUGTRAQ] Full analysis of the .ida "Code Red" worm."
• Next in thread: Tony Langdon: "Re: [BUGTRAQ] Full analysis of the .ida "Code Red" worm."
• Reply: Dave Lee: "RE: Oracle Vulnerability Discovered in OID"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

There's a new vulnerability discovered in the Oracle Internet Directory
(Oracle's LDAP server). It has been in the database since 7/16, but I
haven't seen it mentioned here yet.

Here are links to the details of the advisory:

"Oracle Internet Directory contains multiple vulnerabilities in LDAP
handling code"
http://www.kb.cert.org/vuls/id/869184

http://www.securityfocus.com/bid/3047

http://otn.oracle.com/deploy/security/pdf/oid_cert_bof.pdf


Regards,
Aaron C. Newman
CTO/Founder
Application Security, Inc.
212-490-6022
anewmanat_private
www.appsecinc.com
-Protection Where It Counts-

• Next message: George William Herbert: "Re: 'Code Red' does not seem to be scanning for IIS"
• Previous message: George Staikos: "Re: Linux, too, sot of (Windows MS-DOS Device Name DoS vulnerabilities)"
• In reply to: Nick FitzGerald: "Re: [BUGTRAQ] Full analysis of the .ida "Code Red" worm."
• Next in thread: Dave Lee: "RE: Oracle Vulnerability Discovered in OID"
• Next in thread: Jerome Alet: "Re: [BUGTRAQ] Full analysis of the .ida "Code Red" worm."
• Next in thread: Tony Langdon: "Re: [BUGTRAQ] Full analysis of the .ida "Code Red" worm."
• Reply: Dave Lee: "RE: Oracle Vulnerability Discovered in OID"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Jul 20 2001 - 10:59:11 PDT