Team SHATTER Security Advisory - Oracle Database Server versions 10gR1, 10gR2 (10.2.0.4 and previous patchsets) and 11gR1 (11.1.0.7 and previous patchsets) suffer from a password hash information leak in the OCIPasswordChange API.
e2d8ceacee689c85e629fe5bfcccd557fbcf5ea5105b2a0f0175aef82bc1a1bb