what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Secunia Security Advisory 13862

Secunia Security Advisory 13862
Posted Jan 22, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - 23 vulnerabilities have been reported in various Oracle products. Some have an unknown impact and others can be exploited to disclose sensitive information, gain escalated privileges, conduct PL/SQL injection attacks, manipulate information, or cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability, sql injection
SHA-256 | 668ec5286dd5e1e306f99888b2f7f1c893748d03d44489fa9a973377dc222737

Secunia Security Advisory 13862

Change Mirror Download

TITLE:
Oracle Products 23 Vulnerabilities

SECUNIA ADVISORY ID:
SA13862

VERIFY ADVISORY:
http://secunia.com/advisories/13862/

CRITICAL:
Moderately critical

IMPACT:
Unknown, Manipulation of data, Exposure of sensitive information,
Privilege escalation, DoS

WHERE:
>From remote

SOFTWARE:
Oracle9i Database Standard Edition
http://secunia.com/product/358/
Oracle9i Database Enterprise Edition
http://secunia.com/product/359/
Oracle9i Application Server
http://secunia.com/product/443/
Oracle8i Database
http://secunia.com/product/360/
Oracle E-Business Suite 11i
http://secunia.com/product/442/
Oracle Database Server 10g
http://secunia.com/product/3387/
Oracle Collaboration Suite Release 2
http://secunia.com/product/2451/
Oracle Applications 11i
http://secunia.com/product/1916/
Oracle Application Server 10g
http://secunia.com/product/3190/

DESCRIPTION:
23 vulnerabilities have been reported in various Oracle products.
Some have an unknown impact and others can be exploited to disclose
sensitive information, gain escalated privileges, conduct PL/SQL
injection attacks, manipulate information, or cause a DoS (Denial of
Service).

1) A boundary error in the Networking component can be exploited by
malicious database users to crash the database via a specially
crafted connect string.

Successful exploitation requires permissions to create database
links.

2) An unspecified error in the LOB Access component can be exploited
to disclose sensitive information.

Successful exploitation requires permissions to read on a database
directory object.

3) An unspecified error in the Spatial component can potentially be
exploited to disclose information, manipulate data, or cause a DoS.

Successful exploitation requires execute permissions on the mdsys.md2
package.

4) An unspecified error in the UTL_FILE component can potentially be
exploited to manipulate information.

Successful exploitation requires permissions to read on a database
directory object.

5) An unspecified error in the Diagnostic component can potentially
be exploited to disclose information, manipulate data, or cause a
DoS.

6) An unspecified error in the XDB component can potentially be
exploited to disclose or manipulate information.

Successful exploitation requires execute permissions on the
xdb.dbms_xdb packages.

7+8) Two unspecified errors in the XDB component can potentially be
exploited to disclose or manipulate information.

Successful exploitation requires execute permissions on the
xdb.dbms_xdbz0 package.

9) An unspecified error in the Dataguard component can potentially be
exploited to disclose or manipulate information.

Successful exploitation requires execute permissions on the
exfsys.dbms_expfil package.

10) An unspecified error in the Log Miner component can potentially
be exploited to disclose or manipulate information.

Successful exploitation requires execute permissions on the
dbms_logmnr package.

11) An unspecified error in the OLAP component can potentially be
exploited to disclose or manipulate information.

Successful exploitation requires execute permissions on the olapsys
package.

12) An unspecified error in the Data Mining component can potentially
be exploited to disclose or manipulate information.

Successful exploitation requires execute permissions on the
dmsys.dmp_sys package.

13) An unspecified error in the Advanced Queuing component can
potentially be exploited to disclose or manipulate information.

Successful exploitation requires execute permissions on the
dbms_transform_eximp package.

14) An unspecified error in the Change Data Capture component can
potentially be exploited to disclose or manipulate information.

Successful exploitation requires execute permissions on the
dbms_cdc_dputil package.

15) An unspecified error in the Change Data Capture component can
potentially be exploited to disclose or manipulate information.

Successful exploitation requires execute permissions on the
dbms_cdc_impdp package.

16) An unspecified error in the Database Core component can be
exploited to disclose or manipulate information.

17) An unspecified error in the OHS component can potentially be
exploited to disclose or manipulate information.

Successful exploitation requires execute permissions on the
owa_opt_lock package.

18) An unspecified error in the Report Server component can be
exploited to disclose or manipulate information.

19) An unspecified error in the Forms component can be exploited to
cause a DoS (Denial of Service).

20) An unspecified error in the mod_plsql component can potentially
be exploited to disclose or manipulate information.

Successful exploitation requires execute permissions on the
owa_opt_lock package.

21) An unspecified error in the Calendar component can potentially be
exploited to disclose information, manipulate data, or cause a DoS by
viewing a malicious image.

22) An unspecified error in Oracle E-Business Suite can potentially
be exploited to disclose or manipulate information.

Successful exploitation requires a valid session.

23) Another unspecified error in Oracle E-Business Suite can
potentially also be exploited to disclose or manipulate information.

The vulnerabilities affect the following versions:
* Oracle Database 10g Release 1, versions 10.1.0.2, 10.1.0.3 and
10.1.0.3.1
* Oracle9i Database Server Release 2, versions 9.2.0.4, 9.2.0.5 and
9.2.0.6
* Oracle9i Database Server Release 1, versions 9.0.1.4, 9.0.1.5 and
9.0.4 (9.0.1.5 FIPS)
* Oracle8i Database Server Release 3, version 8.1.7.4
* Oracle8 Database Release 8.0.6, version 8.0.6.3
* Oracle Application Server 10g Release 2 (10.1.2)
* Oracle Application Server 10g (9.0.4), versions 9.0.4.0 and
9.0.4.1
* Oracle9i Application Server Release 2, versions 9.0.2.3 and
9.0.3.1
* Oracle9i Application Server Release 1, version 1.0.2.2
* Oracle Collaboration Suite Release 2, version 9.0.4.2
* Oracle E-Business Suite and Applications Release 11i (11.5)
* Oracle E-Business Suite and Applications Release 11.0

SOLUTION:
Apply patches.
http://metalink.oracle.com/metalink/plsql/showdoc?db=NOT&id=293953.1

PROVIDED AND/OR DISCOVERED BY:
The vendor credits the following people:
* Pete Finnigan
* Alexander Kornbrust, Red Database Security
* Stephen Kost, Integrigy
* David Litchfield, NGSSoftware

ORIGINAL ADVISORY:
Oracle:
http://otn.oracle.com/deploy/security/pdf/cpu-jan-2005_advisory.pdf

NGSSoftware:
http://www.nextgenss.com/advisories/oracle-02.txt

Pete Finnigan:
http://www.petefinnigan.com/directory_traversal.pdf

Red Database Security:
http://www.red-database-security.com/content6.html

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Login or Register to add favorites

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    51 Files
  • 18
    Sep 18th
    23 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close