Rediff Logo
 Money
Line
Home > Money > Business Headlines > Report
April 26, 2002 | 1101 IST 		Feedback  
  Money Matters

 -  Business Headlines
 -  Corporate Headlines
 -  Business Special
 -  Columns
 -  IPO Center
 -  Message Boards
 -  Mutual Funds
 -  Personal Finance
 -  Stocks
 -  Tutorials
 -  Search rediff

    
      






 Secrets every
 mother should
 know


 Your Lipstick
 talks!


 Make money
 while you sleep.


 Bathroom singing
 goes techno!


 
 Search the Internet
         Tips
 Sites: Finance, Investment

Print this page Best Printed on HP Laserjets
E-Mail this report to a friend

'Unbreakable' Oracle9i bares inside chink

Sanjay K Pillai

A vulnerability has been discovered in the California-based information technology giant Oracle's flagship database management product Oracle9i, which can render enterprises susceptible to security breaches from within.

A bug like this means even if a company has an intrusion detection system in place, break-ins can occur as the attacker would be a registered user and an employee of the company.

The vulnerability resides on a specific version, Oracle9i Release 9.0.1.x, and so far has no workarounds.

Oracle said it would be putting up a patch for this problem on Oracle's Worldwide Support website.

The vulnerability has, however, been fixed in the most recent version of Oracle9i.

Oracle India said there were no known cases of any security breaches till now.

"Oracle has been made aware of a security vulnerability affecting only Release 9.1.x of the Oracle9i Database. This vulnerability has been fixed in the next version of 9i Database (release 2).

Oracle is not aware of any instances where this vulnerability may have been exploited. Oracle8i (Release 8.1.x), Oracle8 (Release 8.0.6.x) and Oracle7 are not affected by this vulnerability.

Oracle is committed to respond as quickly as possible with information, patches and workarounds that customers can apply.

A patch for this vulnerability will be posted shortly and available for customers and OTN members on Oracle's Worldwide Support website, Metalink, at http://metalink.oracle.com the response said.

Keshav Murthy, system architect with Bangalore Labs, a managed security service provider, said the vulnerability means attacks could happen only from registered users and not from hackers outside the networked environment.

Oracle has the largest share in database management systems globally and in India too it enjoys majority spoils.

The company has, in its advertisement campaigns, dared hackers to break into its servers.

With tag lines such as "Oracle9i Database-Can't Break It. Can't Break In" and "Only Oracle9i Is Unbreakable," the company's marketing campaign -kicked off at the Comdex meet in Las Vegas last November-has set the bar high for database maker's programmers.

Powered by

ALSO READ:
The Rediff Budget Special
The Rediff-Business Standard Special
Money

Tell us what you think of this report

ADVERTISEMENT