iEntry 10th Anniversary RSS Archive

IT Management Begins With Security
SecurityProNews > News > Security News > Oracle’s Early Security Patch Release: 11i Update
Search:
[ news_security_news ]

Oracle’s Early Security Patch Release: 11i Update



John Stith
Staff Writer
2006-02-28

SecurityProNews: Insider Reports Insider Reports RSS Feed


Database monster Oracle released an out-of-cycle security patch with multiple fixes for what are considered high-risk vulnerabilities for their enterprise customers. The product in question relates to the Oracle Diagnostics troubleshooting feature of the E-Business Suite 11i and it comes as nearly two months ahead of schedule.

On Friday, security-consulting firm Integrigy published an advisory regarding the vulnerabilities including high risk vulnerabilities in multiple areas. When 11i was originally designed, it designed to help IT admins to conduct tests. Integrigy said this in their bulletin(pdf):

There exist a number of high risk security vulnerabilities in the Oracle Diagnostics web pages and Java classes. The most significant issue with the Oracle Diagnostics is that some of the diagnostics can be executed without any authentication and it is possible to configure the diagnostics to be unrestricted. Also, several permission issues and SQL injection vulnerabilities are fixed by the patch.

Integrigy suggested in their advisory that Oracle might be utilizing this update to get people to remember their updates and make the changes they need to allow Oracle to provide better service. Normally, Oracle puts through an update once a quarter with the next update due out on April 18th.


Get all the updates - click this link:

Add to | DiggThis| Yahoo My Web



Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Contact Us | Advertise | Newsletter Archive | Sitemap | Submit an Article | News Feeds
SecurityProNews is an iEntry, Inc.® publication - 1998-2009 All Rights Reserved | Privacy Policy and Legal		 Join the WebProWorld Forums: Click Here
Virus Warnings

Subscribe to
SecurityProNews FREE!


[ more newsletters ]

Featured On:
article resources
Search Articles:
[advanced search]

WebProWorld.com
Get in-touch with industry experts and leaders
Post your site for review by expert and peers
Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com

Titan Quest Forum
The #1 Titan Quest forum
Halo 3 Forum
The best Halo, Halo 2, Halo 3 forum
Nintendo Wii
Nintendo Wii news and views
Mac Software
The best in OS X freeware
Graphics Forum
Your source for graphic tutorials
SecurityProNews.com | Breaking eBusiness News Get Your IT Questions Answered - Click Here SecurityProNews News Feeds