|
|
| |
| A buffer overflow vulnerability was found in the SYS_CONTEXT procedure in Oracle Database Server allowing a valid database user to execute arbitrary code. |
| |
Credit:
The information has been provided by Kornbrust, Alexander - Red Database Security.
The original article can be found at: http://www.red-database-security.com/advisory/advisory_20040903_2.htm
|
| |
Vulnerable Systems:
* Oracle 9i Release 2 versions 9.2.0.0 up to and including 9.2.0.4 (Windows platform only)
Immune Systems:
* Oracle 9i Release 1
* Oracle 10g
The vulnerability can be exploited by any valid database user able to execute SQL commands via SQL Plus. The buffer overflow can then be exploited by calling the SYS_CONTEXT() function. As with all buffer overflows the cause for the vulnerability is either no bounds checking or a degenerate case leading to an overwrite of the buffer due to a programming error when performing bounds checking.
Patch Availability:
Please see MetaLink Document ID 281189.1 for the patch download procedures and for the Patch Availability Matrix for this Oracle Security Alert which can be found at:
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=281189.1
Disclosure Timeline
2 September 2003 Oracle was informed
2 September 2003 Bug confirmed
31 August 2004 Oracle published alert 68
|
|
|
|
|
|
|
|
