David Litchfield's Weblog

Home
Archives
NGSSoftware
DatabaseSecurity.com


Greymatter Forums

April 2008
SMTWTFS
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30      

Valid XHTML 1.0!

Powered By Greymatter

RSS 1.0 FEED
RSS 2.0 FEED
Atom 0.3 FEED
Powered by gm-rss 2.0.1
Home » Archives » April 2008 » A New Class of Vulnerability in Oracle: Lateral SQL Injection

[Previous entry: "Citius, Altius, Fortius!"] [Next entry: "Look before you leap..."]

04/24/2008: "A New Class of Vulnerability in Oracle: Lateral SQL Injection"


I've just released some research that demonstrates a new class of vulnerability in Oracle and how it can be exploited by an attacker. You can grab the paper from here: http://www.databasesecurity.com/dbsec/lateral-sql-injection.pdf