It used to be, an Oracle database would ship ready to run on one port. You’d lock that one port down, and you’d be reasonably secure. Nowadays, all bets are off, as vendors crank up feature sets and complexity skyrockets. A recently reported, high-level Oracle security vulnerability underscores this problem. This particular vulnerability, which has to do with SSL (Secure Sockets Layer), affects certain releases of Oracle9i Database Server, Oracle8i Database Server, Oracle9i Application Server and Oracle HTTP Server. If Oracle9i is vulnerable, 10g is guaranteed to have holes, security experts say. While vendors such as Oracle are balancing increasingly complex iterations with ever more security features in order to manage security more granularly, it’s still harder to manage security. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.