Oracle database can be hacked remotely: researcher

Custom Search

Hack in The Box
TechAirlines
Wallpapers
Computer Forensics Boot Camp
Electricity Prices
Texas Electricity
Electricity Rates in Texas
Electric Companies in Texas
Experts Galaxy
NewsApp Portal

[Welcome to SCforum.info - Security [CENTRAL] Forum]

Welcome to SCforum.info - Security [CENTRAL] Forum, a home of the SCF Community devoted to provide Computer related News, Alerts, Downloads and FREE Help in such a way that even the novice computer user can understand.

Getting started using our community is extremely easy, check the two steps below:

Step 1: Create an account by clicking here and wait for approval from Administrator. It's completely free with no hidden strings attached.

Step 2: If you have a computer problem and need some help, or just want to take part in opened discussions, simply browse Forum. Once you *Register an account, you can quickly post your questions and comments.

(*Registered Members get: free support, also, they can communicate privately with other members via PM, removal of this message, see fewer ads and much more...)

[Samker]

A computer security expert has uncovered what he says are flaws in widely used software from Oracle Corp that could let hackers remotely access sensitive information in corporate and government databases.

A bug in the design of the Oracle database -- the world's top-selling software for storing electronic information -- could allow hackers to break into private databases via the Internet, said David Litchfield, chief research scientist of NGSSoftware Ltd, a UK-based computer security company.

"It allows an attacker without a user ID and password to take complete control. All firewalls become irrelevant," Litchfield said on Wednesday after presenting his research at the Black Hat hacking conference in Washington.

Litchfield said that he warned Oracle of the problem in November, hoping that the company would fix the flaw when it issued a group of quarterly security patches in January.

He said that he decided to go public because Oracle failed to do so.

Officials with Oracle declined comment on the matter.

Litchfield said that he believes about nine out of every 10 Oracle databases are vulnerable to attack. He said it is possible to change the default settings on Oracle's software to thwart potential hackers looking to exploit the vulnerability.

He added that it was impossible to say whether any hackers had actually exploited the flaw to illegally break into a database.

(Reuters)