petefinnigan
14th March 2004, 20:29
Hi Everyone,
I have just put two short papers on my website, the first discussing clear text password transmissions when changing a users password in the Oracle database and the second discussing the same issue with set role {blah} identified by {blah}. The second paper also discusses an issue I found whereby you can bypass the password protection assigned to a role. Both papers describe the issues and also suggest some solutions.
The papers are available from:
http://www.petefinnigan.com/ramblings/passwords_in_clear_text.htm
and
http://www.petefinnigan.com/ramblings/issues_with_roles_and_passwords.htm
Hope you find them useful.
kind regards
Pete
I have just put two short papers on my website, the first discussing clear text password transmissions when changing a users password in the Oracle database and the second discussing the same issue with set role {blah} identified by {blah}. The second paper also discusses an issue I found whereby you can bypass the password protection assigned to a role. Both papers describe the issues and also suggest some solutions.
The papers are available from:
http://www.petefinnigan.com/ramblings/passwords_in_clear_text.htm
and
http://www.petefinnigan.com/ramblings/issues_with_roles_and_passwords.htm
Hope you find them useful.
kind regards
Pete