In my previous blog, I tried to explain why the fundamental Oracle flaw is dangerous. On the other hand, in my tests I couldn’t find a way to pass a higher SCN to a target DB to crash it. Since then, I’m trying to verify that this flaw can be can exploited. Here’s a short video of one of my tests:

So what’s the next move? According to my first impressions, the latest CPU Patch solves the SCN problem. Patched database detects big SCN jumps and denies remote transactions. So I’ll repeat myself again: Please apply the CPU as soon as possible.

No Responses to “Fundamental Oracle Flaw Revealed (Part II)”


  1. Fundamental Oracle flaw revealed??? Update …! | Upgrade your Database - NOW! - […] for sure I did visit Gökhan’s blog and I did watch his very interesting 5 minutes demonstration how to…

Leave a Reply

Your email address will not be published. Required fields are marked *