Oracle Doesn’t Take Security Seriously

July 22nd, 2005

Last week Oracle released a massive collection of patches to fix fifty security holes found throughout its software. This is generally considered good news, but Red-Database-Security claims that Oracle has known about other issues for several years and has done nothing to patch them. A quote on Red-Database-Security’s website claims that “Oracle is really slow in fixing security issues.” followed by a list of recently published security exploits and the dates oracle was orignally notified of the holes. Several of these vulnerabilities leave systems open to serious attack from malicious hackers. Oracle stated in their defense that they patched holes by severity leaving those they felt were less of a threat open while they focused on more important issues.

You can see the list of security holes in question at: http://www.red-database-security.com/advisory/published_alerts.html

Entry Filed under: Server Security

Leave a Comment

Required

Required, hidden

Some HTML allowed:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Trackback this post  |  Subscribe to the comments via RSS Feed

Calendar

July 2005
M T W T F S S
    Jan »
 123
45678910
11121314151617
18192021222324
25262728293031

Most Recent Posts