Press CTRL-D to bookmark us
Welcome Guest Login / Register / Members
Search in  
Top Submit newsSubscribe
Communication | Computer Crime | Digital Audio, Video, Photo | General News | Hardware | Internet | Mobile | PDA | Security | Software | Vulnerability |
Previous articleBack to news listNext article
 

 Sponsored links

Want to become one of our authors and see your work published on ALLSeek.iNFO ?
 
 Oracle Database DIRECTORY Object Access Control Flaw May Let Certain Users Access Other Directories
Categorie: Vulnerability
Posted: 2005-01-20 by ReCall
Views: 353
Source: Click here
 		Current Rating: Not rated
Poor Best
 Details
Description: A vulnerability was reported in the Oracle Database in controlling access to DIRECTORY objects. A remote authenticated user can access data located outside of the specified DIRECTORY object.

Pete Finnigan reported that a remote authenticated user with DIRECTORY read privileges can read information from locations on the system that are outside of the DIRECTORY object location.

No further details were provided.

The original advisory is available at:

http://www.petefinnigan.com/directory_traversal.pdf

Impact: A remote authenticated user with DIRECTORY read privileges can access data located outside of the specified DIRECTORY object location.

Solution: The vendor has issued a fix (Critical Patch Update - January 2005), described at:

http://www.oracle.com/technology/deploy/security/pdf/cpu-jan-2005_advisory.pdf
 
Syndication
Permalink Email this

The URI to TrackBack this entry is:
http://allseek.info/news/trackback.php?id=1307

User comments (post your comments here)

Only registerd members can post comments and articles
 
Previous articleBack to news listNext article
 


InterJOB.su
Bookmark us | Set As Homepage | Advertising | Contact Us | Recomend us | Link us | Links | Terms

SpyLOG Page Rank Checker
LAST QUERIES