[VoiceOps] Oracle security alert (US CERT TA10-012A)
hiersd at gmail.com
hiersd at gmail.com
Wed Jan 13 10:40:28 EST 2010
Oracle is used in many of the commercial voip systems, and they just
released a big security patch bundle.
There is a pretty big pile of 3rd party software jammed into the various
platforms. Broadsoft has around 40 different parties listed in
thier "thrid-party acknowledgement" list.
How closely do you monitor this kind of thing?
With good architecture and other controls, you can keep most of the
vulnerable code fairly well isolated from The Wild, but China, Inc can be
pretty persistent when they get curious (just ask google:
http://www.google.com/search?q=google+china !).
Thanks,
David
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/voiceops/attachments/20100113/8f0f1b74/attachment.html>
More information about the VoiceOps
mailing list