Tue 27 Oct 2009
Paul Wright has written an excellent paper on an interesting way to attack Oracle using external tables.
It just goes to show that any permission can be abused in the right circumstances. I’m still amazed that UTL_FILE is still granted to PUBLIC by default.
Anyways, great work, Paul!
No Responses to “ CREATE TABLE to OSDBA ”
Sorry, comments for this entry are closed at this time.