[VoiceOps] Oracle security alert (US CERT TA10-012A)

hiersd at gmail.com hiersd at gmail.com
Wed Jan 13 10:40:28 EST 2010


Oracle is used in many of the commercial voip systems, and they just  
released a big security patch bundle.

There is a pretty big pile of 3rd party software jammed into the various  
platforms. Broadsoft has around 40 different parties listed in  
thier "thrid-party acknowledgement" list.

How closely do you monitor this kind of thing?

With good architecture and other controls, you can keep most of the  
vulnerable code fairly well isolated from The Wild, but China, Inc can be  
pretty persistent when they get curious (just ask google:  
http://www.google.com/search?q=google+china !).


Thanks,

David
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/voiceops/attachments/20100113/8f0f1b74/attachment.html>


More information about the VoiceOps mailing list