This discussion is archived
3 Replies Latest reply: Oct 8, 2012 5:57 AM by user6410732 RSS

Claim concerning "Flaw in Oracle Logon Protocol"

Stew Ashton Expert
Currently Being Moderated
Hello,

This site claims that Oracle Database V11.1 and 11.2 have a flaw that facilitates password cracking.

https://threatpost.com/en_us/blogs/flaw-oracle-logon-protocol-leads-easy-password-cracking-092012

Has anyone heard of any reaction from Oracle about this?

The article suggests as a workaround "disabling the Oracle logon protocol version 11 on the server." Does anyone know what that means, what it would entail and what side effects there might be?

Thanks in advance.

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points