Does anyone know anything further about the new oracle exploit? It seems no one is saying shit about it other then "it's bad, it affects everything, patch patch patc".
This is the only url i could find that has anything remotely interesting. http://www.ciac.org/ciac/bulletins/o-209.shtml VULNERABILITY ASSESSMENT: Oracle rates this as a HIGH. "Exploiting some of the vulnerabilities requires network access, but no valid user account." Typical response from oracle, "DAMAGE: Oracle does not give descriptions of the vulnerabilities on this alert." Remote exploits are bad mmkay. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
