CVE-2012-3132 and Express Editions of Oracle DB [message #568274] |
Wed, 10 October 2012 07:54 ![Go to next message Go to next message](/forum/theme/orafaq/images/down.png) |
![](http://www.gravatar.com/avatar/ab5986f381659074230be3e1804b82ca?s=64&d=mm&r=g) |
eastcoastbbc
Messages: 2 Registered: October 2012
|
Junior Member |
|
|
Good morning,
I was wondering if the Express Edition of Oracle Database inherited the same vulnerabilities as the whole edition?
Namely I have a few hosts that have Oracle Database 11g Express Edition installed and I was wondering if they would then be vulnerable to CVE-2012-3132 and specifically the easily exploitable flaw associated with it, detailed below:
Can't use links until I've posted 5 messages, ugh..link obfu with x's and []
hxxp://threatpost[.]com/en_us/blogs/flaw-oracle-logon-protocol-leads-easy-password-cracking-092012
Any help/insight would be greatly appreciated.
Thank you,
Jarad
|
|
|
|
|