Category Archives: Security

Cryptographic flaws in Oracle Database authentication protocol

Recently a security researcher (Esteban Martinez Fayo) made the world aware of a problem with the O5LOGON Oracle database authentication protocol (used in 11g – 11.1 & 11.2). This problem, known as CVE-2012-3137, makes it relatively simple for attackers to … Continue reading

Posted in Database, Security | Tagged , , , , , , , , , , , , , , , , , , , , , , , | 12 Comments

Password Hashes

Within Oracle databases passwords get hashed. When, for example, you create a new account or change the password of an account, the specified clear-text password gets hashed. This hash value is stored in the database with the account. Once hashed … Continue reading

Posted in Security | Tagged , , , , , , | 6 Comments

Unwrapping wrapped PLSQL in 10g, 11g and 12c

There are circumstances where you whish to have a look at the source of an wrapped PL/SQL package, procedure or function. The circumstances I want to have peek at the source is when some PL/SQL code becomes invalidated because an … Continue reading

Posted in Security | Tagged , , , , , , , , | 2 Comments