Oracle launches patch blitz

Oracle released 14 software patches to sort out vulnerabilities in its databases and application server software, as well as releasing a tool to identify commonly used default passwords that could be misused by hackers.

Oracle released 14 software patches to sort out vulnerabilities in its databases and application server software, as well as releasing a tool to identify commonly used default passwords that could be misused by hackers.

That’s because earlier versions of Oracle databases used well-known default passwords and usernames, which could offer a problem to any users who still rely on older databases or have upgraded from an older versions that included the default passwords.
 
The password scanner is actually a SQL script that scans a database and then prints out the names of the default accounts if they're unlocked.

Several of the bugs that Oracle is patching as part of the quarterly update could be easily exploited in a widespread manner, Oracle said, including a previously disclosed vulnerability in the PL/SQL gateway software used to integrate Oracle's database with Web-based applications.
 
However, some Oracle security specialists insisted there are still a large number of unpatched bugs in Oracle’s products, including one unfixed vulnerability from February 2005.

Sometimes, it seems security researchers cause more problems for vendors than the hackers, with their announcements of vulnerabilities timed to create the maximum disruption and embarrassment. However, if the vulnerabilities weren’t there in the first place, then vendors wouldn’t have the headaches. And nor would the users.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more on Business applications

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close