not sure what are you looking for
Printable View
not sure what are you looking for
Thanks for the detailed answer.Quote:
Originally posted by jmodic
I'm not sure what would you realy like to have. You asked if there are any other vulnerabilities beside those reported by Appsecinc and you were told there are plenty of others. You asked for URL and Pando have provided you four other URLs on this subject. Now you object that they are "too general". What kind of details do you want? If you have followed some of those URLs you would have found out that it is a common practice among those researchers that they do not publish any datils about security vulnerabilities findings, at least not until the patches are available. The reason for that is very obvious.
David Litchfield alone has reported the finding of 34 different vulnerabilities in Oracles database software - he reported them to Oracle and provided no further details about those flaws to general public.
In one of Pando's URLS you can find the following:
Bottomline:
Q: "Are there any other known vulnerabilities?"
A: "Yes. Yes. Yes."
Q: "Can you give more details about them?"
A: a) "GIYF"; b) "You would probably have to press on Oracle to publish some more details about them."
I am looking for *all* the vulnerabilities. The complete list. I know I am fishing. Just asking here if you know of an URL listing them all.
And what would be the use... if you know the list of vulnerabilities this security alert?
Forget it ...Quote:
Originally posted by pando
And what would be the use... if you know the list of vulnerabilities this security alert?
Hello
Can some one tell me how do i check if http server is installed in database (unix server), i known running installer is one way but i am interested if any view/table in database from where i can get this info.
If you do not have http server install/owa packages as stated in patch readme file , do you still need to install 2nd patch.
thanks
Satish