|
||
|
||
Home >
Money > Business Headlines > Report April 26, 2002 | 1101 IST |
Feedback
|
|
'Unbreakable' Oracle9i bares inside chinkSanjay K Pillai A vulnerability has been discovered in the California-based information technology giant Oracle's flagship database management product Oracle9i, which can render enterprises susceptible to security breaches from within. A bug like this means even if a company has an intrusion detection system in place, break-ins can occur as the attacker would be a registered user and an employee of the company. The vulnerability resides on a specific version, Oracle9i Release 9.0.1.x, and so far has no workarounds. Oracle said it would be putting up a patch for this problem on Oracle's Worldwide Support website. The vulnerability has, however, been fixed in the most recent version of Oracle9i. Oracle India said there were no known cases of any security breaches till now. "Oracle has been made aware of a security vulnerability affecting only Release 9.1.x of the Oracle9i Database. This vulnerability has been fixed in the next version of 9i Database (release 2). Oracle is not aware of any instances where this vulnerability may have been exploited. Oracle8i (Release 8.1.x), Oracle8 (Release 8.0.6.x) and Oracle7 are not affected by this vulnerability. Oracle is committed to respond as quickly as possible with information, patches and workarounds that customers can apply. A patch for this vulnerability will be posted shortly and available for customers and OTN members on Oracle's Worldwide Support website, Metalink, at http://metalink.oracle.com the response said. Keshav Murthy, system architect with Bangalore Labs, a managed security service provider, said the vulnerability means attacks could happen only from registered users and not from hackers outside the networked environment. Oracle has the largest share in database management systems globally and in India too it enjoys majority spoils. The company has, in its advertisement campaigns, dared hackers to break into its servers. With tag lines such as "Oracle9i Database-Can't Break It. Can't Break In" and "Only Oracle9i Is Unbreakable," the company's marketing campaign -kicked off at the Comdex meet in Las Vegas last November-has set the bar high for database maker's programmers. ALSO READ:
|
ADVERTISEMENT |