Database flaws more risky than thought

By Robert Lemos
Staff Writer, CNET News

Share
- Digg
- Del.icio.us
- Reddit
- Facebook
- Google
- Newsvine
- Yahoo! Bookmarks
- Twitter
- Stumbleupon
E-mail
Print

Related Stories: IBM seeks to ease database burden
September 9, 2004; Oracle plans to patch peck of flaws
August 3, 2004; Another 'critical' flaw, this time from Oracle
June 10, 2004

Details of multiple security flaws in Oracle and IBM databases have been released by the security company that found them.

The flaws, which were described in general terms in August and September by Next-Generation Security Software, could allow an attacker to remotely compromise servers running the database programs. Security company Symantec raised its Internet threat rating of the flaws to 2 from 1, based on the details released on Thursday.

NGSSoftware gave users of the databases more than three months to fix their systems when it announced its discovery of the flaws. Oracle has already released patches for the 10 vulnerabilities affecting its 9i database, and IBM has issued fixes for two flaws in DB2 versions 7 and 8.1.

"Some of these are more serious than others," said David Litchfield, a security researcher and co-founder of U.K.-based NGSSoftware. "Most of these vulnerabilities can be exploited remotely."

The advisories can be found on NGSSoftware's Web site.

See more CNET content tagged:
flaw, IBM Corp., Oracle Corp., database, security

Latest tech news headlines

Foxmarks syncs your passwords across PCs
Posted in Webware by Rafe Needleman

October 15, 2008 5:19 PM PDT
IMDB turns 18
Posted in News - Gaming and Culture by Daniel Terdiman

October 15, 2008 5:17 PM PDT
FBI targets rise in cybercrime from U.S. and abroad
Posted in News - Politics and Law by Stephanie Condon

October 15, 2008 4:19 PM PDT
See all headlines

Resource center from CNET News sponsors

You Need The Speed of Norton 2009

Introducing Norton Internet Security™2009

With one-click, one-minute install, under 8MB of memory usage and fewer, shorter scans, it's the fastest security suite anywhere. Norton. Smart Security, Engineered for Speed. Get a FREE trial today!

The Fastest Security Suite Anywhere

Experience the revolutionary Norton Internet Security™ 2009. With Norton™ Insight, a new feature, you get precision security that targets only at risk files for fewer, faster, shorter scans

Win a Trip to Space!*

Enter the Blast Off with Norton Sweepstakes for your shot at a trip to space. You could experience being fast and weightless, just like the new Norton 2009. *No purchase necessary; click for full details.

FREE Trial!

Act now to get your FREE trial of Norton Internet Security 2009. Try it for the protection. Love it for the speed

Norton Safe Web NEW!

A community-based system that rates web site safety

Norton Labs NEW!

Users can download new security technologies and share input directly with developers. Help us shape our future products!

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

Inside CNET News

Scroll Left Scroll Right

News - Business Tech
IDC: Netbook shipments up, expect constrained IT budgets
Economic turmoil drives lowered consumer and professional spending on PCs, but makes cheaper Netbooks more attractive.
Gallery
Photos: Solar business heats up the Golden State
The Open Road
Ah, the irony! SAP freezes internal IT purchases
SAP is halting internal IT purchases. Should its customers do the same?
Coop's Corner
Vint Cerf backs Obama for U.S. president
Internet legend says he's casting his vote because of Obama's position on Net neutrality.
Video
'Prototype This' invents the future
News - Wireless
FCC chairman backs use of 'white space' spectrum
The chairman of the FCC said Wednesday that he supports the use of unused "white space" spectrum for wireless broadband services.
Video
Apple laptop redesigns and a lower price
News - Gaming and Culture
IMDB turns 18
You might not know it, but the site that has become the definitive repository of information about movies is older than the Web.
News - Cutting Edge
'60 Minutes' video: Drone warfare in Iraq
UAVs like the Predator are a highly valued asset for the U.S. military as it pursues "fleeting and perishable" targets. Lesley Stahl reports.
Gallery
Photos: 'Popular Mechanics' breakthroughs
Webware
Foxmarks syncs your passwords across PCs
Use more than one computer and hate managing passwords on them? Check this out.
Green Tech
Tesla Motors replaces CEO, plans layoff
Elon Musk, company investor and chairman, will take over as CEO, replacing Ze'ev Drori, who will join the board. Layoffs are also planned as part of a corporate review.