Emergency Workaround For Oracle 0-Day
Almost Live writes "Oracle has released an out-of-cycle alert to offer mitigation for a zero-day exploit that's been posted on the Internet. The emergency workaround addresses an unpatched remote buffer overflow that's remotely exploitable without the need for a username and password, and can result in compromising the confidentiality, integrity, and availability of the targeted system." Whoever published the vulnerability and matching exploit code did not contact Oracle first.
So what if they didn't inform Oracle first? Oracle released software with a hole. They should have done a good security audit. (That might not have caught it, but the fact is that they didn't, guaranteed.)
I had a similar experience. I installed Oracle on my Linux box and forgot about it. One night, my router was acting up, so I was bypassing it (and its firewall protection). I fell asleep and when I woke up, a smelly hippy guy was giving me a blowjob. It was really weird, and I didn't know if I should tip him or not. The scariest moment was when I woke up and didn't know if it was a girl or dude.