Hey all,
As part of yesterday’s Critical Patch Update, Oracle fixed 3 security flaws
in data redaction services – one a privilege escalation vulnerability and
two redaction bypass methods. I reported these issues to Oracle in November
last year and have documented them here:
http://www.davidlitchfield.com/Oracle_Data_Redaction_is_Broken.pdf
Cheers,
David
_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/