Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×
Oracle Databases Security

Oracle Database Redaction Trivial To Bypass, Says David Litchfield 62

Posted by timothy from the let-me-ask-that-another-way dept.
msm1267 (2804139) writes "Researcher David Litchfield is back at it again, dissecting Oracle software looking for critical bugs. At the Black Hat 2014 conference, Litchfield delivered research on a new data redaction service the company added in Oracle 12c. The service is designed to allow administrators to mask sensitive data, such as credit card numbers or health information, during certain operations. But when Litchfield took a close look he found a slew of trivially exploitable vulnerabilities that bypass the data redaction service and trick the system into returning data that should be masked."
This discussion has been archived. No new comments can be posted.

Oracle Database Redaction Trivial To Bypass, Says David Litchfield More

Oracle Database Redaction Trivial To Bypass, Says David Litchfield

Comments Filter:

Slashdot Top Deals

This file will self-destruct in five minutes.

Close