Security, Compliance, and Identity Management

I recorded a podcast last week with Sentrigo on the subject of virtual patching and CPU’s. I have just had the link emailed to me. If you would like to listen to the podcast then please visit virtual patching the….[Read More]
Posted by Pete On 12/11/08 At 12:09 PM

Well the annual UKOUG conference in Birmingham is only around 4 weeks away from now. As usual the UKOUG guys have organised a bigger and better conference than ever. I have three slots myself. I am doing my Oracle Security….[Read More]
Posted by Pete On 07/11/08 At 02:22 PM

I have finally had time to post up an advisory for the fix I was credited for in the recent Oracle Critical Patch Update advisory released on October 14th by Oracle. My advisory is related to excessive privileges assigned to….[Read More]
Posted by Pete On 22/10/08 At 02:06 PM

Paul has recently put out a new paper on his site called ” CREATE ANY DIRETORY to SYSDBA ” and also code for the example exploit . This is an interesting paper and shows why the granting of any privilege….[Read More]
Posted by Pete On 20/10/08 At 11:12 AM

Paul Wright pointed out a new paper to me today about PL/SQL injection. The paper is called ” Assault on Oracle PL/SQL - Injection “. Beware of the profanity in the paper if you read it at work and because….[Read More]
Posted by Pete On 21/10/08 At 07:08 PM

Wow, it has been a while since my last post. I have been away a lot over the last couple of weeks teaching training classes and also consulting, so it has been busy times. I was in De Meern near….[Read More]
Posted by Pete On 06/11/08 At 02:03 PM

A new Oracle CIS benchmark has been released recently for Oracle 11g. The Oracle benchmark for 11g is an update of the previous 8i (version 1) and the subseqent 9i/10g (version 2) Oracle benchmarks. There is still only an 8i….[Read More]
Posted by Pete On 24/10/08 At 08:07 PM

Justin did a nice write-up of Oracle’s participation at the recent Silicon Valley Code Camp.
This was my first trip to the conference. I was only able to make it to the Sunday event. I would say that overall it seemed like people had a nice time, met some new friends and learned a few things. [...]

The Oracle E-Business Suite R12 Release Update Pack (RUP6 or 12.0.6) was released on November 7, 2008.  This is the latest cumulative update patch for all product families including Applications Technology (ATG).  The patch is 2GB in size and can be applied on top of any R12 version.  The only prerequisite step is to apply [...]

Well the annual UKOUG conference in Birmingham is only around 4 weeks away from now. As usual the UKOUG guys have organised a bigger and better conference than ever. I have three slots myself. I am doing my Oracle Security….[Read More]
Posted by Pete On 07/11/08 At 02:22 PM