Re: PUBLIC privileges on XDB$ACL

From: <david_at_databasesecurity.com>
Date: Fri, 20 Jul 2012 03:52:05 +0100
Message-ID: <7E50564C61594DB68ADBBF931F065C03_at_NAUTILUS>

>becoming interesting..!
>can someone provide a test case where by, it can be tested how attacker can
>attack any sql/plsqlcode..pl..!

The attack vector should become apparent once you read the documentation for CREATE INDEX...
http://docs.oracle.com/cd/B28359_01/server.111/b28286/statements_5011.htm Cheers,
David

--
http://www.freelists.org/webpage/oracle-l

Received on Thu Jul 19 2012 - 21:52:05 CDT

This message: [ Message body ]
Next message: Subodh Deshpande: "Re: PUBLIC privileges on XDB$ACL"
Previous message: Sreejith Nair: "Re: Size of Voting Disk"
In reply to: Subodh Deshpande: "Re: PUBLIC privileges on XDB$ACL"
Next in thread: Subodh Deshpande: "Re: PUBLIC privileges on XDB$ACL"
Reply: Subodh Deshpande: "Re: PUBLIC privileges on XDB$ACL"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message