Posted by Harrison Neal on Feb 01
The Oracle CPU dated 2020 Jan 14 included patches for various issues
related to database links and gateways (“Oracle Heterogeneous Services”).
Two vulnerabilities in particular might lead to privilege escalation,
denial of service, or code execution attacks against Oracle databases.
Attackers might look like either:
1 ) A malicious or compromised database user with at least the CREATE
[PUBLIC] DATABASE LINK privilege; the CREATE [ANY]…
– Read More – Full Disclosure