critical karena memperbaiki cukup banyak lubang dalam
hal privilege user (yg harusnya gak boleh dilakukan
ternyata bisa diakalin, biasanya melalui package
standar yg di-grant ke public scr default).
website ini cukup membantu
http://www.red-database-security.com/advisory/oracle_cpu_apr_2006.html
Bagaimana mengecek vulnerability database?
Check saja versi database bersangkutan.
Kalau tidak sempat apply patch, maka privilege execute
package2 bersangkutan yg di grant ke public bisa
dihilangkan dulu..
regards,
tomi
--- Ervin Listyawan <[EMAIL PROTECTED]> wrote:
> Saya lihat di http://www.us-cert.gov/ kalau Oracle
> punya multiple
> vulnerabilites, dan saya cek di website Oracle ada
> beberapa critical
> update April 2006
>
(http://www.oracle.com/technology/deploy/security/pdf/cpuapr2006.html).
>
> Ada yang sudah coba belum, dan criticalnya sendiri
> bagaimana tingkat
> bahayanya, bagaimana checking vulnerabilities tsb?
>
> Regards,
>
> Ervin L
>
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
--
-----------I.N.D.O - O.R.A.C.L.E---------------
Keluar: [EMAIL PROTECTED]
Website: http://indo-oracle.lizt.org (NEW)
-----------------------------------------------
Bergabung dengan Indonesia Thin Client User Groups,
Terminal Server, Citrix, New Moon Caneveral, di:
http://indo-thin.vze.com
YAHOO! GROUPS LINKS
- Visit your group "indo-oracle" on the web.
- To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
- Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
