Slashdot Mirror


Oracle 9i Isn't Quite Unbreakable

BillTheKatt writes: "The formerly (as in a couple of weeks) "unbreakable" Oracle 9i has been found to be vulnerable to a Denial Of Service bug. ... Thanks [H]ardOCP for the link to the Article At SiliconValley.com. For more information see the official notice on SecurityFocus. More proof that Microsoft does not hold a monopoly on bugs. And of course a black eye to Mr. Larry 'Big Mouth' Ellison. I'm still waiting for my network computer, Larry."

5 of 113 comments (clear)

  1. Heh... by Anonymous Coward · · Score: -1, Troll

    This is going to rock to all those people who installed Oracle 9 thinking they'd be all set... Well, a patch will be out soon enough anyway... so lets all switch to MS SQL in the mean time!

  2. Larry, by WinAddict · · Score: 0, Troll

    I'm waiting for my National ID card.

  3. Re:My girlfriend by Anonymous Coward · · Score: -1, Troll

    You need to tell her straight up that she is Fat. With women this will get one of two reactions:

    1. She will get depressed and eat until she is the size of a whale (in which case you leave her).
    2. She will get depressed and starve herself until she weighs 85lbs (in which case you win).

    Its a gamble, but you need to confront her now.

  4. Re:ascii goatse by Anonymous Coward · · Score: -1, Troll

    that's the goatse that we know and love...

  5. The Distinction is Very Important by Bud+Dwyer · · Score: -1, Troll
    Some people are confusing the Oracle9i Database with the Oracle9i Application Server . . . The article refers to Oracle9i Application Server, not the database.

    Oracle9i Application Server is basically Apache 1.3 bundled with Orion Application Server and and embedded (yes, embedded!) Oracle database server used for data caching.


    I'm so glad you pointed that out. I know there are a lot of people out there with no experience in databases, who are jumping on Oracle for something that really isn't consequential. Oracle makes the best DB software in the business, period. Their software has taken everything I've thrown at it, and more. So it may be vulnerable tto DoS attacks. What else is new? Isn't everything on the internet?

    This whole situation does go to show you what happens when you integrate your product with Open Source software, though. I mean, let's face it, Apache was never designed to handle mission-critical, Enterprise-level applications. It's great for serving web-pages out of your dorm-room, but for a $$$ piece of software like Oracle 9i, I don't know. I realize Oracle's engineers reworked it from the ground up, but you're never going to be able to fully vet a piece of software like Apache that was developed by non-professionals. Of course bugs are going to get through. If Larry wants to be able to keep making his grandiose (and generally true) claims about the robustness of his products, he's going to have to reconsider the using free, non-trusted code.