{"id":2261,"date":"2012-09-21T06:50:46","date_gmt":"2012-09-21T01:20:46","guid":{"rendered":"https:\/\/www.qadit.com\/blog\/?p=2261"},"modified":"2012-10-06T12:55:00","modified_gmt":"2012-10-06T07:25:00","slug":"flaw-in-oracle-logon-protocol-leads-to-easy-password-cracking","status":"publish","type":"post","link":"https:\/\/qadit.com\/blog\/flaw-in-oracle-logon-protocol-leads-to-easy-password-cracking\/","title":{"rendered":"Flaw in Oracle Logon Protocol Leads to Easy Password Cracking"},"content":{"rendered":"<p>There is a serious vulnerability in the authentication protocol used by some Oracle databases, a flaw that could enable a remote attacker to brute-force a token provided by the server prior to authentication and determine a user&#8217;s password. The attacker could then log on as an authenticated user and take unauthorized actions on the database. The researcher who discovered the bug has a tool that can crack some simple passwords in about five hours on a normal PC.<\/p>\n<p>Original article at <a href=\"https:\/\/threatpost.com\/en_us\/blogs\/flaw-oracle-logon-protocol-leads-easy-password-cracking-092012\">Threatpost<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>There is a serious vulnerability in the authentication protocol used by some Oracle databases, a flaw that could enable a remote attacker to brute-force a token provided by the server prior to authentication and determine a user&#8217;s password. The attacker could then log on as an authenticated user and take unauthorized actions on the database. &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/qadit.com\/blog\/flaw-in-oracle-logon-protocol-leads-to-easy-password-cracking\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Flaw in Oracle Logon Protocol Leads to Easy Password Cracking&#8221;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[12],"tags":[259],"class_list":["post-2261","post","type-post","status-publish","format-standard","hentry","category-itsec","tag-flaw-in-oracle-logon-protocol-leads-to-easy-password-cracking"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9AH7Q-At","_links":{"self":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts\/2261","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/comments?post=2261"}],"version-history":[{"count":0,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts\/2261\/revisions"}],"wp:attachment":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/media?parent=2261"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/categories?post=2261"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/tags?post=2261"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}