Search
Tag Cloud
10.2.0.5 10g 11.1 11.2 ADR agent alertlog ASM base64 bug bundle patch codetable constraint database database appliance digest diskgroup encryption enterprise manager gi grid control grid infrastructure hashes LinkedIn listener monitoring oak oakcli ODA OEM ORA oracle oracle database appliance password patch bundle PLSQL privileges RAC sha1 solaris timestamp troubleshooting unwrap wrap zipCategories
-
Recent Posts
Blogroll
Category Archives: Security
Cryptographic flaws in Oracle Database authentication protocol
Recently a security researcher (Esteban Martinez Fayo) made the world aware of a problem with the O5LOGON Oracle database authentication protocol (used in 11g – 11.1 & 11.2). This problem, known as CVE-2012-3137, makes it relatively simple for attackers to … Continue reading
Posted in Database, Security
Tagged 11.1, 11.2, 1492721.1, 192, ADR, AES, AUTH_SESSKEY, AUTH_VFR_DATA, brute force, CVE-2012-3137, database, digest, encryption, Esteban Martinez Fayo, flaw, hashes, LinkedIn, O5LOGON, oracle, password, SALT, SHA-1, stealth, TNS
12 Comments
Password Hashes
Within Oracle databases passwords get hashed. When, for example, you create a new account or change the password of an account, the specified clear-text password gets hashed. This hash value is stored in the database with the account. Once hashed … Continue reading
Unwrapping wrapped PLSQL in 10g, 11g and 12c
There are circumstances where you whish to have a look at the source of an wrapped PL/SQL package, procedure or function. The circumstances I want to have peek at the source is when some PL/SQL code becomes invalidated because an … Continue reading