Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×

+ - Oracle Database Redaction Trivial to Bypass->

msm1267 writes: Researcher David Litchfield is back at it again, dissecting Oracle software looking for critical bugs. At the Black Hat 2014 conference, Litchfield delivered research on a new data redaction service the company added in Oracle 12c. The service is designed to allow administrators to mask sensitive data, such as credit card numbers or health information, during certain operations. But when Litchfield took a close look he found a slew of trivially exploitable vulnerabilities that bypass the data redaction service and trick the system into returning data that should be masked.
Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Oracle Database Redaction Trivial to Bypass

Comments Filter:

Computer Science is the only discipline in which we view adding a new wing to a building as being maintenance -- Jim Horning

Working...