A bug in the design of the Oracle database — the world’s top-selling
software for storing electronic information — could allow hackers to break into
private databases via the Internet, said David Litchfield, chief research
scientist of NGSSoftware Ltd, a UK-based computer security company.
"It allows an attacker without a user ID and password to take complete
control. All firewalls become irrelevant," Litchfield said on Wednesday after
presenting his research at the Black Hat hacking conference in Washington.