Oracle 製品における複数の脆弱性に対するアップデート
http://jvn.jp/tr/TRTA08-017A
JVNRSS based Status Tracking Notes: Oracle から各製品向けの Critical Patch Update が公開されました。
JVNRSS Feasibility Study Team
jvn@jvn.jp
TRTA08-017A
2008-02-25T11:10+09:00
2008-01-21T19:58+09:00
2008-02-25T11:10+09:00
-
Oracle 10g R1 xDb.XDB_PITRIG_PKG.PITRIG_DROP - SQL Injection Exploit (get password Hashes)
http://www.securityfocus.com/bid/27229/?jvntrev=1
検証コードに関する報告
#Cid: 27229-XDB_PITRIG_PKG.PITRIG_DROP.sql
#Tested: oracle 10.1.0.2.0
Bugtraq
http://www.us-cert.gov/cas/techalerts/TA08-017A.html
2008-01-28
2008-01-28
2008-01-28
-
Oracle 10g R1 xDb.XDB_PITRIG_PKG.PITRIG_TRUNCATE - SQL Injection Exploit (get password Hashes)
http://www.securityfocus.com/bid/27229/?jvntrev=2
検証コードに関する報告
#Cid: 27229-XDB_PITRIG_PKG.PITRIG_TRUNCATE.sql
#Tested: oracle 10.1.0.2.0
Bugtraq
http://www.us-cert.gov/cas/techalerts/TA08-017A.html
2008-01-28
2008-01-28
2008-01-28
-
Oracle 10g R1 xDb.XDB_PITRIG_PKG.PITRIG_DROP - SQL Injection Exploit (change system password)
http://www.securityfocus.com/bid/27229/?jvntrev=3
検証コードに関する報告
#Cid: 27229-XDB_PITRIG_PKG.PITRIG_DROP-2.sql
#Tested: oracle 10.1.0.2.0
Bugtraq
http://www.us-cert.gov/cas/techalerts/TA08-017A.html
2008-01-28
2008-01-28
2008-01-28
-
Oracle 10g R1 xDb.XDB_PITRIG_PKG.PITRIG_TRUNCATE - BUFFER OVERFLOW (POC exploit , Crash database)
http://www.securityfocus.com/bid/27229/?jvntrev=4
検証コードに関する報告
#Cid: 27229-XDB_PITRIG_PKG.PITRIG_TRUNCATE-2.sql
#Tested: oracle 10.1.0.2.0
Bugtraq
http://www.us-cert.gov/cas/techalerts/TA08-017A.html
2008-01-28
2008-01-28
2008-01-28
-
Oracle Updates for Multiple Vulnerabilities
http://www.us-cert.gov/cas/techalerts/TA08-017A.html
US-CERT メーリングリスト経由で Technical Cyber Security Alert 受信
US-CERT
TA08-017A
2008-01-17T14:42-05:00
2008-01-17T14:42-05:00
2008-01-17T14:42-05:00
-
Oracle Critical Patch Update Advisory - January 2008
http://otn.oracle.co.jp/security/080118_81/top.html
日本オラクル
http://www.us-cert.gov/cas/techalerts/TA08-017A.html
2008-01-18
2008-01-18
2008-01-18
-
SSRT061201 rev.7 - HP Oracle for OpenView (OfO) Critical Patch Update
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143
日本ヒューレット・パッカード
HPSBMA02133
http://www.us-cert.gov/cas/techalerts/TA08-017A.html
2008-01-17T05:30-08:00
2008-01-17T05:30-08:00
2008-01-17T05:30-08:00
-
Oracle Releases October Critical Patch Update
http://www.us-cert.gov/current/archive/2008/01/16/archive.html#oracle_releases_critical_patch_update1
US-CERT Current Activity としてセキュリティアップデートを報告
US-CERT
http://www.us-cert.gov/cas/techalerts/TA08-017A.html
2008-01-16T14:18-04:00
2008-01-16T14:18-04:00
2008-01-16T14:18-04:00
-
Oracle releases January 2008 Critical Patch Update
http://isc.sans.org/diary.html?storyid=3850
SANS Internet Storm Center
http://www.us-cert.gov/cas/techalerts/TA08-017A.html
2008-01-15T21:02+00:00
2008-01-15T21:02+00:00
2008-01-15T21:02+00:00