msgbartop
News, views, tips and tricks on Oracle and other fun stuff
msgbarbottom

Migrating from VMware to VirtualBox: Oracle Enterprise Linux

There are a growing number of people asking the question: how do you move a VMware virtual machine to VirtualBox. So it is about time the Fat Bloke rolled up his sleeves and showed us how.More…

Filed in Links, Oracle with 1 Comment | Tags: ,


Yahoo Launches SQL Interface to Twitter

The new YQL set of tables for Twitter enables any developer to use simple SQL-like queries to retrieve and post Twitter data. For simple user queries, getting a user’s twitter profile data is as simple as something like “SELECT * FROM twitter.status WHERE id=’8036408424?;“.More…

Filed in Links with Comments Off | Tags: , ,


Daily Roundup of News, Tips and Tricks for 2010-02-09

  • A list of Oracle Strategic acquisitions by category.
  • Documentation of Oracle wait groups and their wait events.
  • Oracle is preparing a public-relations onslaught, intended to change the perception of Oracle as cloud critic.
  • Oracle has agreed to acquire AmberPoint, a leader in Service-Oriented Architecture (SOA) Management.
  • This Security Alert addresses security issue CVE-2010-0073, a vulnerability in the Node Manager component of Oracle WebLogic Server. This vulnerability may be remotely exploitable without authentication, i.e. it may be exploited over a network without the need for a username and password. A knowledgeable and malicious remote user can exploit this vulnerability which can result in impacting the availability, integrity and confidentiality of the targeted system.
  • Can you trust the leading open-source database engines, PostgreSQL and MySQL, to deliver the performance and features that the Oracles, SQL Servers, and DB2s of the world do? Not just yet, but they could offer enough to meet your needs. Find out how they stack up against each other, as well as against the commercial alternatives.
Filed in Links with Comments Off


PostgreSQL vs. MySQL vs. Commercial Databases: It’s All About What You Need

Can you trust the leading open-source database engines, PostgreSQL and MySQL, to deliver the performance and features that the Oracles, SQL Servers, and DB2s of the world do? Not just yet, but they could offer enough to meet your needs. Find out how they stack up against each other, as well as against the commercial alternatives.More…

Filed in Links, Oracle with Comments Off | Tags: , , ,


Oracle Security Alert for CVE-2010-0073 – WebLogic Server

This Security Alert addresses security issue CVE-2010-0073, a vulnerability in the Node Manager component of Oracle WebLogic Server. This vulnerability may be remotely exploitable without authentication, i.e. it may be exploited over a network without the need for a username and password. A knowledgeable and malicious remote user can exploit this vulnerability which can result in impacting the availability, integrity and confidentiality of the targeted system.More…

Filed in Links, Oracle with Comments Off | Tags:


Oracle Buys AmberPoint

Oracle has agreed to acquire AmberPoint, a leader in Service-Oriented Architecture (SOA) Management.More…

Filed in Links, Oracle with Comments Off | Tags:


Oracle signals change of tone about cloud

Oracle is preparing a public-relations onslaught, intended to change the perception of Oracle as cloud critic.More…

Filed in Links, Oracle with Comments Off | Tags:


Daily Roundup of News, Tips and Tricks for 2010-02-08

  • On Friday, Ken Jacobs announced his resignation from Oracle to key members of the MySQL team via e-mail. Jacobs, a 28-year Oracle veteran and one of its first 20 hires, has been Oracle's liaison with the MySQL community for the past several years, ever since Oracle acquired the popular MySQL storage engine, InnoDB.
  • SAP CEO Leo Apotheker resigned on Feb. 7 after he and the SAP Supervisory Board "reached a mutual agreement" not to extend Apotheker’s contract as a member of the SAP Executive Board, SAP named Bill McDermott, head of SAP’s field organization and Jim Hagermann Snabe, head of product development as co-CEOs replacing Apotheker as sole CEO.
  • Oracle’s Larry Ellison threw down the gauntlet recently when he made claims about the superiority of Oracle over DB2. IBM has, of course, responded. Here are the Oracle claims and the IBM rebuttals.
  • It is an interesting case of coincidental timing that within a week of the Oracle Sun deal being finalised by the EU1 that the Blackhat conference in DC should publish David Litchfield’s research for NGS Software 2, on how to escalate privilege using the Java functionality built into the Oracle DB 3. David’s research is not patched yet so would normally have only been made privy to the Administrators at Oracle’s SecAlert, but it has been made “Public” so it is now risk mitigation time. Thankfully these Java related Oracle vulnerabilities have been discussed privately for a number of months beforehand, thus giving the Author time to fix them with a provably low risk of affecting other Oracle functionality. In the absence of a patch from Oracle this paper provides information on how to fix the Java related vulnerabilities in both 10g and 11g which were detailed in David’s Blackhat presentation on February 2nd 2010.
  • This is a somewhat complicated example that builds a couple of sample tables, uses a SQL statement with the Oracle analytic function LEAD submitted through ADO in an Excel macro, and then presents the information on an Excel worksheet. When the user clicks one of three buttons on the Excel worksheet, an Excel macro executes that then build charts using disconnected row sources – a disconnected ADO recordset is used to sort the data categories before pushing that data into the charts that are built on the fly.
Filed in Links with Comments Off


Excel – Charting the Results of Oracle Analytic Functions

This is a somewhat complicated example that builds a couple of sample tables, uses a SQL statement with the Oracle analytic function LEAD submitted through ADO in an Excel macro, and then presents the information on an Excel worksheet. When the user clicks one of three buttons on the Excel worksheet, an Excel macro executes that then build charts using disconnected row sources – a disconnected ADO recordset is used to sort the data categories before pushing that data into the charts that are built on the fly.More…

Filed in Links, Oracle with Comments Off | Tags: , , ,


Securing Java In Oracle [PDF]

It is an interesting case of coincidental timing that within a week of the Oracle Sun deal being finalised by the EU1 that the Blackhat conference in DC should publish David Litchfield’s research for NGS Software 2, on how to escalate privilege using the Java functionality built into the Oracle DB 3. David’s research is not patched yet so would normally have only been made privy to the Administrators at Oracle’s SecAlert, but it has been made “Public” so it is now risk mitigation time.

Thankfully these Java related Oracle vulnerabilities have been discussed privately for a number of months beforehand, thus giving the Author time to fix them with a provably low risk of affecting other Oracle functionality.

In the absence of a patch from Oracle this paper provides information on how to fix the Java related vulnerabilities in both 10g and 11g which were detailed in David’s Blackhat presentation on February 2nd 2010.More…

Filed in Links, Oracle, Security with Comments Off | Tags: