[Dailydave] The Week of Oracle Database Bugs
Joel Eriksson
je-dailydave at bitnux.com
Tue Nov 21 12:42:27 Local tim 2006
If that's the case, the threat to US National Security is there
regardless of if Cesar releases a couple of his 0days or not.
Actually, it might even put some pressure on Oracle to start
taking security seriously, which would be a huge favor to
their customers.
Vulnerabilities are often known and (ab)used long before they
are publicly known. It's the existence of a security bug that
is the real danger, not whether the bug is known by the public
at large, by a small group or by noone (so far). Actually, the
bug can do far more damage during the time it's known only by
a few.
--
Best Regards,
Joel Eriksson
CTO Bitsec AB
On Tue, Nov 21, 2006 at 11:14:41AM +0530, ¯`·._The Sun_.·´¯ wrote:
> I hear often that most of the US govt. data resides in/on Oracle databases.
> Depending on how much information Argeniss reveals, couldn't this turn into
> a significant threat to US National Security?
More information about the Dailydave
mailing list