Category: Uncategorized

Log4J and Oracle Enterprise Manager

Log4j issues allow a remote client to execute code without authentication. Software vendors spent the last two months thinking of the impact and the mitigations. The bad: If you have Enterprise Manager, you have multiple web services, like em itself (https://oms.example.com:7799/em), the weblogic console (https://oms.example.com:7102/console), the agent (https://dbsrv01.example.com:3872/emd/main/) and others. This makes you an easy […]

Log4J and Oracle Database

CVE-2021-44228 issue allows an user without authentication to execute code. It is tremendously easy to exploit, it is more a working-as-designed feature than a hard-core memory glitch. Log4j is a logging library for java. If you enter some unexpected string, your web server may log it to a logfile. What’s your name? John What’s your […]

TNS resolution with LDAP and SSL

Post author By Laurent Schneider
Post date November 26, 2021
Categories In Uncategorized
1 Comment on TNS resolution with LDAP and SSL

Long time ago, ldapsearch without password and without ssl was the way to go. But clear-text authentication (so called simple-bind) is a security leak. More and more, directory server vendors and administrators are closing the default non-ssl port and enforce authentication. And if you use ldap for TNS naming, things will break. Back in 2003, […]

return code before grep

In my previous post hide-password-from-ps-output-sql-loader I mentioned a way to pass the password to the loader thru a parameter file. As correctly suggested by Brian Tkatch, the password could be passed as standard input sqlldr control=x.ctl silent=header,feedback

switched from blogspot to my own domain

Post author By Laurent Schneider
Post date November 29, 2006
Categories In Uncategorized
9 Comments on switched from blogspot to my own domain

Download my feed : https://laurentschneider.com/feed/