'Highly Irregular' Backdoor Found In Oracle Databases

Any business that runs an Oracle ORCL +0.9% eBusiness Suite should look to patch their systems today. That’s because there’s a nasty vulnerability that allows anyone to totally take over the database server associated with the suite. That likely means usernames, passwords and other kinds of critical data linked to financial and human resources applications are in danger.

The bug isn’t new either. It was reported to Oracle last year by Australian researcher David Litchfield. He told Forbes the bug amounted to “a major misconfiguration flaw”, which meant any user was given privileges that only a system administrator should have had. With the right knowhow, it would be trivial for anyone to get complete control over the database, he added.
READ MORE: http://www.forbes.com/sites/thomasbrewster/2015/01/20/glaring-oracle-bac...