Emergency Workaround For Oracle 0-Day

Emergency Workaround For Oracle 0-Day 152

Posted by kdawson on Tuesday July 29, 2008 @11:04PM from the maybe-somebody-shorted-the-stock dept.

Almost Live writes "Oracle has released an out-of-cycle alert to offer mitigation for a zero-day exploit that's been posted on the Internet. The emergency workaround addresses an unpatched remote buffer overflow that's remotely exploitable without the need for a username and password, and can result in compromising the confidentiality, integrity, and availability of the targeted system." Whoever published the vulnerability and matching exploit code did not contact Oracle first.

Emergency Workaround For Oracle 0-Day

This discussion has been archived. No new comments can be posted.

Search 152 Comments Log In/Create an Account

Comments Filter:

Whoops, that was my fault (Score:4, Funny)

by Anonymous Coward writes: on Tuesday July 29, 2008 @11:06PM (#24396159)

I sent the email to 0racle. Too much l33tness, sorry.

nice timing (Score:5, Funny)

by Anonymous Coward writes: on Tuesday July 29, 2008 @11:11PM (#24396227)

This would seem to be a pretty decent answer to the previous thread (How do geeks get exercise).

That's why I use... (Score:2, Funny)

by bennomatic ( 691188 ) writes: on Tuesday July 29, 2008 @11:20PM (#24396325) Homepage

...pen and paper.

Worthless (Score:5, Funny)

by jlarocco ( 851450 ) writes: on Tuesday July 29, 2008 @11:21PM (#24396335) Homepage

For christ's sake. At least link to the fucking Oracle page [oracle.com].
If I wanted to read ZDNet, I'd just go to fucking ZDNet.

It's a fucking Oracle !! Should it have known ?? (Score:2, Funny)

by Anonymous Coward writes: on Tuesday July 29, 2008 @11:41PM (#24396509)

Some Oracle That Is !!

"0 day?" (Score:1, Funny)

by Anonymous Coward writes: on Tuesday July 29, 2008 @11:44PM (#24396529)

this exploit is over 10 days old now, slashdot you are wayyy to late on reporting this.

Re:Haha! (Score:1, Funny)

by Anonymous Coward writes: on Tuesday July 29, 2008 @11:49PM (#24396555)

It was RMS, you insensitive clod!

hack my trouble ticket system (Score:2, Funny)

by magarity ( 164372 ) writes: on Tuesday July 29, 2008 @11:57PM (#24396621)

Sweet, I've been wondering how to hack the trouble ticket system's Oracle back end at work. Now when a deploy has issues in production that weren't seen in development, I can retroactively fix my ticket attachments so it looks like the system engineers screwed up the deploy. Muahahahahaha!!!!

A misnomer (Score:2, Funny)

by engun ( 1234934 ) writes: on Tuesday July 29, 2008 @11:58PM (#24396627)

The hacker thought "Oracle" already knew ;-)

Re:nice timing (Score:5, Funny)

by jd ( 1658 ) writes: <imipak@ y a hoo.com> on Tuesday July 29, 2008 @11:59PM (#24396641) Homepage Journal

Hmmm. Is it indoors? Check. Lots of sweating? Check. Potential for heart attacks in unfit people? Check. Ok, it meets the criteria.

Re:Another victim of C/C++ lack of array safety (Score:4, Funny)

by Anonymous Coward writes: on Wednesday July 30, 2008 @12:00AM (#24396661)

And Princess Diana is a victim of cars lack of a 30 MPH speed cap.

Re:Worthless (Score:1, Funny)

by Anonymous Coward writes: on Wednesday July 30, 2008 @12:01AM (#24396671)

Lose the language, you unrefined ruffian. Do you talk to your mother with that mouth? Do you think it makes your point (or lack thereof) stronger? Got masculinity issues?

Re:That's why I use... (Score:5, Funny)

by The MAZZTer ( 911996 ) writes: <(megazzt) (at) (gmail.com)> on Wednesday July 30, 2008 @12:05AM (#24396693) Homepage

Can I watch you insert and sort and group 45000 rows of data? That's gotta be a sight to behold.

Re:Another victim of C/C++ lack of array safety (Score:5, Funny)

by ByOhTek ( 1181381 ) writes: on Wednesday July 30, 2008 @12:38AM (#24396963) Journal

or for the love of Pete use an std::vector.
What's love got to do with it? In fact, if you go for money, you are probably more likely to find a good std::vector. Sorry, old joke. Couldn't resist.

Re:That's why I use... (Score:5, Funny)

by ruiner13 ( 527499 ) writes: on Wednesday July 30, 2008 @12:56AM (#24397083) Homepage

SQL: >select * from pages(start=1,end=1222) order by name asc
[command executing...]
[timeout ID-10-T - CPU has entered sleep mode]
/usr/bin >

Re:One man's ruffianity... (Score:5, Funny)

by ozphx ( 1061292 ) writes: on Wednesday July 30, 2008 @03:17AM (#24397969) Homepage

And the correct answer is "No, but I kiss yours."

Re:Another victim of C/C++ lack of array safety (Score:3, Funny)

by cicatrix1 ( 123440 ) writes: <cicatrix1&gmail,com> on Wednesday July 30, 2008 @03:18AM (#24397973) Homepage

Actually a better example of C/C++ knowing the size of the arrays would of been the sizeof() operator.
You're thinking of the infamous `size've` operator.

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Emergency Workaround For Oracle 0-Day 152

Emergency Workaround For Oracle 0-Day More Login

Emergency Workaround For Oracle 0-Day

Whoops, that was my fault (Score:4, Funny)

nice timing (Score:5, Funny)

That's why I use... (Score:2, Funny)

Worthless (Score:5, Funny)

It's a fucking Oracle !! Should it have known ?? (Score:2, Funny)

"0 day?" (Score:1, Funny)

Re:Haha! (Score:1, Funny)

hack my trouble ticket system (Score:2, Funny)

A misnomer (Score:2, Funny)

Re:nice timing (Score:5, Funny)

Re:Another victim of C/C++ lack of array safety (Score:4, Funny)

Re:Worthless (Score:1, Funny)

Re:That's why I use... (Score:5, Funny)

Re:Another victim of C/C++ lack of array safety (Score:5, Funny)

Re:That's why I use... (Score:5, Funny)

Re:One man's ruffianity... (Score:5, Funny)

Re:Another victim of C/C++ lack of array safety (Score:3, Funny)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot