[Full-disclosure] A New Class of Vulnerability in Oracle: Lateral SQL Injection
Ureleet
ureleet at gmail.com
Thu Apr 24 22:30:16 BST 2008
so did u or didnt u cancel it? please make up ur mind so we know whether to
post anything on may 1 or not.
i support the "take a day off from fd" day on may 1.
On Thu, Apr 24, 2008 at 4:32 PM, n3td3v <xploitable at gmail.com> wrote:
>
> On Thu, Apr 24, 2008 at 5:49 PM, David Litchfield
> <davidl at ngssoftware.com> wrote:
> > Hey all,
> > I've just released some research that demonstrates a new class of
> > vulnerability in Oracle and how it can be exploited by an attacker. You
> can
> > grab the paper from here:
> > http://www.databasesecurity.com/dbsec/lateral-sql-injection.pdf
> > Cheers,
> > David Litchfield
> > NGSSoftware Ltd
> > http://www.ngssoftware.com/
> > http://www.davidlitchfield.com/blog
> >
>
> Thanks for waiting until Web Application Security Awareness Day,
>
> All the best,
>
> n3td3v
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20080424/b7ee0610/attachment.html
Full-Disclosure is hosted and sponsored by Secunia.