TechTarget

Giga slams Oracle security claims

Analyst organisation Giga Information Group has cast doubt over Oracle's claims that its software is unbreakable.

Analyst organisation Giga Information Group has cast doubt over Oracle's claims that its software is unbreakable.

At last week's AppsWorld conference in Amsterdam Oracle chairman Larry Ellison claimed his company's software has never been hacked and blasted Microsoft for the security problems its products have faced recently.

But in a GigaFlash advisory note, analyst Michael Rasmussen shot down the claims, pointing out that since Oracle first announced its "unbreakable" software campaign in September, three major flaws have been uncovered in its products.

He said that hackers took the company's security stance as a challenge. As a result Rasmussen said that in the Oracle Application Server software there was a PL/SQL Apache Module buffer-overflow vulnerability, a PL/SQL Apache Module directory-traversal vulnerability and a path-revealing vulnerability.

Microsoft, the target of many hacking attacks, also affirmed security as a number one priority. In a recent interview chief executive officer Steve Ballmer noted that all software contained security holes. "We are committed to responding quickly and openly when vulnerabilities are discovered," he said.

But in many ways, security is a cat and mouse game between the hacker and the software supplier. Giga's Rasmussen advised users to "buy the product that best meets business needs (security being one of them) and be vigilant." He also warned suppliers who consider claiming their software is secure to think again.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close