[Full-disclosure] A New Class of Vulnerability in Oracle: Lateral SQL Injection
malix at hush.com
malix at hush.com
Thu Apr 24 21:47:24 BST 2008
And here I thought you were canceling that piece of shit.
That you even presume to believe that David Litchfield of all
people gives the slightest fuck about what you have to say simply
blows my mind.
As always, please (and let me spell it out for you), SHUT THE FUCK
UP.
On Thu, 24 Apr 2008 13:32:43 -0700 n3td3v <xploitable at gmail.com>
wrote:
>On Thu, Apr 24, 2008 at 5:49 PM, David Litchfield
><davidl at ngssoftware.com> wrote:
>> Hey all,
>> I've just released some research that demonstrates a new class
>of
>> vulnerability in Oracle and how it can be exploited by an
>attacker. You can
>> grab the paper from here:
>> http://www.databasesecurity.com/dbsec/lateral-sql-injection.pdf
>> Cheers,
>> David Litchfield
>> NGSSoftware Ltd
>> http://www.ngssoftware.com/
>> http://www.davidlitchfield.com/blog
>>
>
>Thanks for waiting until Web Application Security Awareness Day,
>
>All the best,
>
>n3td3v
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
--
Click here to compare rates and find the best deal on renting a car.
http://tagline.hushmail.com/fc/Ioyw6h4eRvD8OebJMba3jGtSFzdQpeikv8jYecE9cx4Yl239ZI8uxC/
Full-Disclosure is hosted and sponsored by Secunia.