Oracle closes another 122 security vulnerabilities
October 19, 2006
Database vendor Oracle has released a critical security patch update that closes no less than 122 security vulnerabilities across the company's databases, enterprise applications, developer tools and middleware applications. Oracle issues its security updates on a quarterly basis and is now using a system that assigns a severity score to its security holes on a scale of 1 to 10.
The database developer has also started providing additional information indicating whether a security flaw can be exploited by remote attackers without any authentication credentials. Oracle's new system is designed to help systems administrators identify the most urgent security issues.
The most important security hole was assigned a base score of 7.0 and affects Oracle Application Express. The company's flagship database received a total of twenty-two fixes, with the most severe ranked at 4.2.
Overall, the scores are assigned using the industry standard CVSS (Common Vulnerability Scoring System) which is also used by networking giant Cisco Systems.
David Litchfield, a representative from Next Generation Security Software, severely criticised Oracle for failing to deliver its patches on all platforms.
Patches for Oracle databases 220.127.116.11 and 10.1.0.5 will not be available until the end of October 2006.
Users running Oracle 10.2.0.1 on Linux Power servers will also have to wait until the end of this month, as will users running Oracle 10.2.0.2 on the Windows operating system.
"In July 2006, and after a successful critical patch update release, when Oracle had all the patches ready, it is really disappointing to see Oracle slipping back into its old bad habits," said Litchfield.
Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.
You can link to the
Internet Security web site as
much as you like. Read our section on how your company can participate in our
reciprocal link exchange program
and increase your rankings
in the major search engines such as
Site optimized by Pagina+™
Powered by Sun Hosting
Search engine keywords by Rank for Sales
Development platform by My Web Services
Internet Security.ca is listed in
Global Business Listing