April 20, 2006 6:30 PM PDT

Attack code out for Oracle database

Attack code that takes advantage of a flaw in Oracle's database software has been released on the Web, raising the urgency to patch.

The exploit code was published Wednesday, only a day after Oracle released its quarterly Critical Patch Update, security provider Symantec said in an alert to users of its DeepSight intelligence service.

The exploit code was published to the popular BugTraq security mailing list. It targets the Oracle Database 10g and appears to give the attacker higher privileges on the system.

Oracle addressed close to 40 vulnerabilities in its Tuesday patch release cycle. Some of the issues would require an exploit for a successful attack; others would not, according to Symantec.

The U.S. Computer Emergency Readiness Team added its voice on Wednesday, urging users in an alert to apply Oracle's fixes.

See more CNET content tagged:
Oracle Corp., Oracle Database, Symantec Corp., database

1 comment

Join the conversation!
Add your comment
Funny as could be
when MS releases 10 fixes, it is a "Mega Patch"
<a class="jive-link-external" href="http://news.cbsi.com/Critical+megapatch+sews+up+10+holes+in+IE/2100-1002_3-6060038.html" target="_newWindow">http://news.cbsi.com/Critical+megapatch+sews+up+10+holes+in+IE/2100-1002_3-6060038.html</a>

40 from Oracle? FireFox? Apple?
Ah yes, the media darlings should just be excused their faults.

CNet should be ashamed of its reporting. Bias is one thing; this is ridiculous.
Posted by catch23 (436 comments )
Reply Link Flag

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot



RSS Feeds

Add headlines from CNET News to your homepage or feedreader.