|
|
|
|
| |
| Internet Security Systems (ISS) X-Force has discovered a vulnerability in the listener program in Oracle Enterprise Server. It is possible for a remote attacker to gain access to the Oracle owner operating system account and the Oracle database, and to execute code in various operating systems. |
| |
Credit:
The information has been provided by X-Force.
|
| |
Affected Products and Releases:
Oracle listener program releases 7.3.4, 8.0.6, and 8.1.6 on all platforms.
Description:
The Oracle listener program accepts remote commands from remote listener controllers. If configured properly, a password is required to authenticate a user before issuing a listener command. The default Oracle installation does not allow a password for the listener program to be indicated. If a password has not been set, the Oracle listener program can be configured to append log information to a file. Due to a problem with the SET TRC_FILE and SET LOG_FILE commands, these values can be changed to any file name. This allows an attacker to create a new file or corrupt an existing file.
The information logged by the listener program can be specified by an attacker by sending a specially formed connect packet to the listener. This logged information can be changed to include commands and escape characters, allowing an attacker to gain access to an operating system account.
Recommendations:
Oracle recommends that customers download the patches for this vulnerability from Oracle's Worldwide Support Services website http://metalink.oracle.com. Customers can reference generic bug number 1361722 filed against the listener program.
Customers will also find a security alert for this issue on the Oracle Technology Network at the following URL:
http://otn.oracle.com/deploy/security/alerts.htm
|
|
|
|
|
|
|
|
|
|
