21-Apr-2009: CPUapr2009

CPUapr2009 came out. CVE-2009-0991 Listener vulnerability was discovered by me, and here is PoC for it (Python code).

Update: It is some kind of RPC inside Oracle RDBMS, called, If I correct, RO (remote operation). And the problem is about correct parsing of such packets.


This open sourced site and this page in particular is hosted on GitHub. Patches, suggestions and comments are welcome.


→ [list of blog posts, my twitter/facebook]

Please drop me email about any bug(s) and suggestion(s): dennis(@)yurichev.com.