Oracle CPU / PSU Advisory July 2019
Recently, just in the middle of the summer holidays, Oracle has released the third Critical Patch Advisory for its products. It seems there’s a lot of work going on in Redwood Shore. Oracle has fixed about 319 security vulnerabilities across their products. The Oracle database…
PDB_OS_CREDENTIAL with external table pre-processor
As part of a customer project I am currently enhancing PDB security and isolation. Since OS interaction is necessary, I can not just use lockdown profile to block OS access. The idea is to isolate the PDB with lockdown profiles and allow dedicated OS access….
Oracle Privilege Analysis in action
As Oracle has quite recently announced that Privilege Analysis is now included with the Oracle Database Enterprise Edition licence, I played a little bit with this cool feature to solve infamous ORA-01031: Insufficient privileges error. You can read results of my investigation in the article…
Configure Oracle EUSM to use LDAPS
With the introduction of Oracle 18c, eusm is officially designated as an Enterprise User Security Utility. It is now officially documented of the Enterprise User Security Administrator’s Guide. Before we had to be content with the somewhat sparse MOS note 1085065.1 EUSM, Command Line Tool…
Redo Transport from Oracle 11.2 to 12.2 and SYS password case-sensitivity problems
Case-sensitive passwords were introduced in Oracle Database 11g, causing some misunderstanding and introducing quite a lot of annoying problems for DBAs, even though it was really required to bring level of Oracle’s security to 21st century standards ;). Since then, even more changes were introduced,…
Oracle CPU / PSU Advisory October 2018
Oracle has recently published the Critical Patch Update Advisory for the October 2018. It’s once more quite a heavy update with not less than 301 security vulnerability fixes across the Oracle products. The Oracle database is relatively prominently represented with 3 security vulnerabilities and a…
Oracle Security at Trivadis TechEvent Fall 2018
A few days ago the semi-annual Trivadis TechEvent took place. As always, it was a great IT event where Trivadis employees and customers had the opportunity to exchange and discuss a variety of topics. I had the pleasure to give one lecture about Oracle 18c…
Oracle Unified Directory Access Log Parsing System ALPS
For one of my customers I had to analyse the log files of Oracle Unified Directory from time to time. In particular the access log file. During my research I came across the MOS note 2042620.1 and the Access Log Parsing System or short ALPS….
Oracle CPU / PSU Pre-Release Announcement July 2018
Today Oracle has published the Pre-Release Announcement for the July 2018 Critical Patch Update. It’s quite a heavy update with not less than 334 security vulnerability fixes across the Oracle products. The Oracle database is relatively prominently represented with 3 security vulnerabilities and a maximal…
DOAG 2018 SIG Security – Oracle Unified Directory on Docker
A couple of days ago I did had the opportunity to give a presentation on Oracle Unified Directory on Docker at the DOAG SIG Security day in Stuttgart. It was a great opportunity to discuss how OUD engineering can be simplified using Docker. As proof…
Social Media @trivadis