yourfanat wrote: I am using another tool for Oracle developers - dbForge Studio for Oracle. This IDE has lots of usefull features, among them: oracle designer, code competion and formatter, query builder, debugger, profiler, erxport/import, reports and many others. The latest version supports Oracle 12C. More information here.

2008 West
Data Direct
SOA, WOA and Cloud Computing: The New Frontier for Data Services
Red Hat
The Opening of Virtualization
User Environment Management – The Third Layer of the Desktop
Cloud Computing for Business Agility
CMIS: A Multi-Vendor Proposal for a Service-Based Content Management Interoperability Standard
Freedom OSS
Practical SOA” Max Yankelevich
Architecting an Enterprise Service Router (ESR) – A Cost-Effective Way to Scale SOA Across the Enterprise
Return on Assests: Bringing Visibility to your SOA Strategy
Managing Hybrid Endpoint Environments
Game-Changing Technology for Enterprise Clouds and Applications
Click For 2008 West
Event Webcasts

2008 West
Get ‘Rich’ Quick: Rapid Prototyping for RIA with ZERO Server Code
Keynote Systems
Designing for and Managing Performance in the New Frontier of Rich Internet Applications
How Can AJAX Improve Homeland Security?
Beyond Widgets: What a RIA Platform Should Offer
REAs: Rich Enterprise Applications
Click For 2008 Event Webcasts
Today's Top SOA Links

UPnP Forum Responds to Recently Identified LibUPnP/MiniUPnP Security Flaw

BEAVERTON, OR -- (Marketwire) -- 02/08/13 -- UPnP Forum -- the global standards body that has paved the way for seamless connectivity between more than a billion devices -- today responds to concerns over a security flaw identified by Rapid7 in the open source, third party libraries 'libupnp' hosted at SourceForge and MiniUPnP hosted at

On January 29th, UPnP Forum members received the public news that Rapid7 has identified a security flaw in the open source, 3rd party stacks libupnp and MiniUPnP. Based on Rapid7's white paper, the flaw is only in the implementation of old versions of libupnp (older than 1.6.18) and MiniUPNP (older than 1.4). The flaws are NOT associated with the UPnP specifications themselves or UPnP Forum's certification process for UPnP stacks. In addition, the flaws outlined by Rapid 7 show an implementation responding to UPnP protocols on the WAN ports of routers that existing UPnP standards are not designed for. Existing UPnP protocols are only intended for LAN usage that is not forwarded on to the internet.

The UPnP Forum is encouraging all vendors using open source implementations of protocol stacks to ensure they are using the latest releases and are active in ensuring that the security of those stacks is maintained. In the case of the libupnp and MiniUPnP, the UPnP Forum has posted a message to its website to help consumers and vendors identify the problem in this third party software. Please note that other issues have been identified in the latest version of MiniUPnP, 1.4, but they won't be publicly disclosed until the library's developer releases a patch to address them, so we advise caution on any further usage of this stack until such time. We are also looking into test tool enhancements that can identify implementations coming for certification that continue to use this flawed older versions of UPnP stacks. Numerous other closed and open source stacks exist in the UPnP ecosystem to use as alternatives if you have remaining concerns over libupnp or MiniUPNP.

For gateway vendors both affected and unaffected by this identified flaw, the UPnP Forum continues to advise that vendors implement the latest version of the Internet Gateway Device (v2) rather than the V1 that is deployed today. Along with our Device Protection standard, this specification provides numerous enhancements for security as well as necessary enhancements like the growing deployment of IPv6.

For further information about UPnP Forum please go to For general questions, please e-mail

About UPnP Forum
UPnP Forum, established in 1999, is a global alliance of more than 950 industry-leading organizations working to enable device-to-device interoperability and facilitate easier and better home networking. The Forum promotes the adoption of uniform technical device interconnectivity standards and certifies devices conforming to these standards. UPnP Forum is an impartial group enabling member companies to participate and develop extensions to the UPnP Device Architecture, which defines how to use the Internet Protocol (IP) to communicate between devices, and Device Control Protocols (DCPs), which are services between devices. Members of UPnP Forum include market leaders in computing, printing and networking, consumer electronics, home appliances, automation, control and security, and mobile products.

For media enquiries please contact:
Dana Corson
Proactive PR
Email Contact
Tel: +44 1636812152
Mobile: +44 7795 615466

About Marketwired .
Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Web 2.0 Latest News
Intuit uses deep-data analytics to gain a 360-degree view of its TurboTax application's users’ behavior and preferences for rapid applications improvements. The next BriefingsDirect big-data innovation case study highlights how Intuit uses deep-data analytics to gain a 360-degree view...
Certain CIOs for incomprehensible reasons keep off their cloud transformation projects several key IT disciplines including Enterprise Architecture (EA), IT Service Management (ITSM) and most importantly Project Management. Do they consider them obsolete? useless? irrelevant? ITaaS St...
In today’s pharmaceutical supply chain, counterfeit activity is thriving. As pharma companies have expanded target markets and outsourced production over the last decade, the supply chain has become increasingly global, virtual, and vulnerable. Illicit activity has thrived, and patient...
Here’s the thing: as sure as we’ll have another record-setting year for NFL streaming, you can also be sure that apps will fail and streaming services will go down. Whether you are dabbling in streaming or diving in whole-hog, you need to know what to do to give your users the most rel...
This is how a typical software product lifecycle works : You gather requirements, build a prototype, detail out the architecture and design, develop the product, test it, deploy the product, handle migration and maintenance and ensure product support. This is a closed loop where the Pr...
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)!

Advertise on this site! Contact advertising(at)! 201 802-3021

SYS-CON Featured Whitepapers