Secunia Security Advisory - David Litchfield has reported a vulnerability in various Oracle products, which can be exploited by malicious people to bypass certain security restrictions.
a6a0d947804f8b6036d49cbd8591316f5773891e2894ebe9da49378e4d8f1c38
TITLE:
Oracle Products PL/SQL Gateway Security Bypass Vulnerability
SECUNIA ADVISORY ID:
SA18621
VERIFY ADVISORY:
http://secunia.com/advisories/18621/
CRITICAL:
Highly critical
IMPACT:
Security Bypass
WHERE:
>From remote
SOFTWARE:
Oracle9i Database Standard Edition
http://secunia.com/product/358/
Oracle9i Database Enterprise Edition
http://secunia.com/product/359/
Oracle9i Application Server
http://secunia.com/product/443/
Oracle Application Server 10g
http://secunia.com/product/3190/
Oracle Database 8.x
http://secunia.com/product/360/
Oracle HTTP Server 8.x
http://secunia.com/product/2596/
Oracle HTTP Server 9.x
http://secunia.com/product/2597/
DESCRIPTION:
David Litchfield has reported a vulnerability in various Oracle
products, which can be exploited by malicious people to bypass
certain security restrictions.
The vulnerability is caused due to an error in the Oracle PL/SQL
Gateway component during the validation of certain HTTP requests.
This can be exploited to bypass the PLSQLExclusion list and gain
access to excluded packages and procedures via specially-crafted HTTP
requests.
Successful exploitation allows an attacker to gain DBA access to the
database server through the web server.
The vulnerability has been reported in the PL/SQL Gateway component
included in the Oracle Application Server and the Oracle HTTP
Server.
Note: The affected component may also be included in other Oracle
products.
SOLUTION:
Filter malicious characters and character sequences in a proxy or
firewall with URL filtering capabilities.
PROVIDED AND/OR DISCOVERED BY:
David Litchfield
ORIGINAL ADVISORY:
http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041742.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed