Critical Flaw Exposes Oracle Database Passwords
 

f you are an Administrator of Oracle Database 11g versions 1 or 2, you have a problem. Researchers have recently (re)discovered a serious vulnerability which will allow even the most primitive hackers database access. According to Fayó, Oracle currently has no plans to patch version 11.1 of the protocol to fix the flaw, and they aren't doing much to help customers migrate to version 12, either.

http://www.hardocp.com/news/2012/09/...ase_passwords/