Fundamental Oracle Flaw Revealed (Part II)

In my previous blog, I tried to explain why the fundamental Oracle flaw is dangerous. On the other hand, in my tests I couldn’t find a way to pass a higher SCN to a target DB to crash it. Since then, I’m trying to verify that this flaw can be can exploited. Here’s a short video of one of my tests:

So what’s the next move? According to my first impressions, the latest CPU Patch solves the SCN problem. Patched database detects big SCN jumps and denies remote transactions. So I’ll repeat myself again: Please apply the CPU as soon as possible.

Please share
  • 1
  •  
  •  
  •  
  •  
  •  

AWS Big Data Specialist. Oracle Certified Professional (OCP) for EBS R12, Oracle 10g and 11g. Co-author of "Expert Oracle Enterprise Manager 12c" book published by Apress. Awarded as Oracle ACE (in 2011) and Oracle ACE Director (in 2016) for the continuous contributions to the Oracle users community. Founding member, and vice president of Turkish Oracle User Group (TROUG). Presented at various international conferences including Oracle Open World.

1 Comment

  1. Pingback: Fundamental Oracle flaw revealed??? Update …! | Upgrade your Database - NOW!

Leave Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.