Skip navigation
Menu
Data Analytics and Data Management>SQL

Authentication Bypass Vulnerability in Oracle E-Busines Suite

Stephen Kost of Integrigy discovered that a vulnerability in the communications protocol that Oracle Applications FND File Server (FNDFS) uses lets an attacker bypass any OS, database, and application authentication to retrieve files from Oracle Applications Concurrent Manager servers. If the attacker has direct access to the Concurrent Manager server through SQL*Net, he or she can retrieve sensitive data or files (e.g., any file that the oracle or applmgr accounts can access) that contain critical passwords. Oracle has released a security bulletin regarding this vulnerability and recommends that affected users download and apply the appropriate update.

   http://www.secadministrator.com/articles/index.cfm?articleid=38686

Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
digital world map on warehouse background
How To Build an International Shipping Software System
Jan 30, 2024
PowerShell Analytics header.jpg
Interactive Data Analytics With PowerShell, SQL, and ChatGPT (Sample Script)
Sep 19, 2023
blue gears
How To Filter SQL Server Data in Windows PowerShell
Sep 15, 2023
PowerShell Chart hero.jpg
How To Visualize SQL Server Data in PowerShell (With Sample Script)
Sep 11, 2023