David Litchfield published a paper demonstrating how an unclosed or dangling cursor created and used by DBMS_SQL can lead to a security hole.
I ran his proof of this vulnerability on my Oracle Database 10g Express Edition database.
Connected as SYS:
SQL> CREATE OR REPLACE PROCEDURE pwd_compare(p_user VARCHAR) IS
2 cursor_name INTEGER;
3 […]
One of my ex-coworkers emailed me this photo. The subject of the email was: Winner of “not my job” award.
When I looked at this photo, the word “laziness” started flashing in my mind. My thoughts then wandered to laziness as it related to programming. I then asked myself: what is laziness in programming? Here are […]
Just a quick note to let you know that I have added the following blogs to OraNA:
Fairlie Rego
Glenn Fawcett
Steve Jones
Syed Jaffar
Have a great weekend!
Since the introduction of the first Oracle search plugins for Firefox, a few things have changed:
Mozilla upgraded Firefox to version 2.
Microsoft upgraded Internet Explorer to version 7.
And Google released the Custom Search Engine.
So, what does this have to do with search plugins? Read on and you will know:
What’s new in IE7 and Firefox 2 […]
Default Passwords List
A comprehensive list of default passwords for a variety of systems.
(tags: security reference hacking password)
[…]
I came across this Chinese website that has hundreds of e-books about Oracle, Microsoft, Dreamweaver, Flash, Java, PHP, MySQL, Linux, Cisco and many, many more, all ready for your online reading pleasure. I do not think this is legal. At least, it is as legal as software piracy.
Using Google to find answers is a good idea, but when it comes to finding answers to technical questions, hitting the documentation first is a very smart move that may save you some humiliation later on.
When you ask “obvious” questions on forums or mailing lists, there is a good chance that the more experienced […]
SearchOracle.com has just published a couple of interesting podcasts.
The first, titled Expert says PL/SQL change needed in Oracle 11g, is an interview with Steven Feuerstein.
In the interview, Steven answers the following questions:
Considering how big OpenWorld has become, should there be a separate conference for PL/SQL developers?
Your session at the conference was entitled “Ten things you […]
Google Notebook is very useful. It enables you to clip and gather information while you’re browsing the web. It lives in your browser and online. All your web findings are gathered into one organized, easily accessible location that you can access from any computer. In fact, I use Google Notebook to store notes and ideas […]
This Tuesday is election day in the United States. It’s a big day. Political enthusiasts from both the Republican and Democrat parties go to the polls and vote for their preferred candidates for member of Congress, state legislature and governor.
But what does this have to do with databases? Well, it turns out that the SQL […]