SQL Injection via CTXSYS.DRILOAD in Oracle 8i/9i
Name SQL Injection via CTXSYS.DRILOAD in Oracle 8i/9i
Systems Affected Oracle 8i / Oracle 9i (all platforms)
Severity High Risk
Category SQL Injection
Vendor URL http://www.oracle.com
Author Alexander Kornbrust (ak at red-database-security.com)
Date 15 Apr 2005 (V 1.01)
Advisory RDS_20040903_1
Details
Any valid database user can become DBA (if CTXSYS is installed) by calling the CTXSYS.DRILOAD package
with a specially crafted parameter. The package executes with the privileges of its owner, CTXSYS,
so SQL injected through that parameter runs with CTXSYS's privileges rather than the caller's.
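The following is an added illustration of the vulnerability class, written for this page; it is not the source of CTXSYS.DRILOAD and is not code from Red-Database-Security or Oracle. The schema, package, procedure and role names (priv_owner, demo_load, run_text, demo_load_role) are hypothetical. It shows why a definer-rights package in a privileged schema turns a simple parameter into privilege escalation, and the invoker-rights form that limits the damage.

```sql
-- Hypothetical names throughout; run only in a disposable test database as a DBA.

-- Vulnerable shape: a definer-rights package (AUTHID DEFINER is the default)
-- owned by a privileged schema that hands its parameter straight to the SQL engine.
CREATE OR REPLACE PACKAGE priv_owner.demo_load AS
  PROCEDURE run_text(p_text IN VARCHAR2);
END demo_load;
/
CREATE OR REPLACE PACKAGE BODY priv_owner.demo_load AS
  PROCEDURE run_text(p_text IN VARCHAR2) IS
  BEGIN
    -- Executes as PRIV_OWNER regardless of who called the procedure.
    EXECUTE IMMEDIATE p_text;
  END run_text;
END demo_load;
/
GRANT EXECUTE ON priv_owner.demo_load TO PUBLIC;

-- Any account that can log in now runs DDL/DCL as PRIV_OWNER, for example:
--   EXEC priv_owner.demo_load.run_text('GRANT DBA TO low_priv_user');
-- If PRIV_OWNER holds DBA (as CTXSYS did on the affected releases), the caller is DBA.
-- Caveat: switching to DBMS_SQL.PARSE as a "validate only" step does not help,
-- because Oracle executes DDL at parse time.

-- Hardened shape: invoker's rights, so whatever text arrives runs with the
-- CALLER's privileges only, and EXECUTE goes to a named role instead of PUBLIC.
-- The package body above is left unchanged; replacing the spec invalidates it
-- and it recompiles on next use.
CREATE OR REPLACE PACKAGE priv_owner.demo_load AUTHID CURRENT_USER AS
  PROCEDURE run_text(p_text IN VARCHAR2);
END demo_load;
/
REVOKE EXECUTE ON priv_owner.demo_load FROM PUBLIC;
GRANT EXECUTE ON priv_owner.demo_load TO demo_load_role;
```

AUTHID CURRENT_USER removes the privilege escalation but does not make a procedure that executes caller-supplied text a good design; for the real package the vendor patch referenced below is the fix, and the invoker-rights form is shown only to make the mechanism visible.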
Workarounds
Drop user CTXSYS (if not needed) or
Patch Information
Please see MetaLink Document ID 281189.1 for the patch download procedures and for the Patch Availability Matrix for this Oracle Security Alert.
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=281189.1
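Before applying the patch or the workaround, a DBA will want to confirm whether the exposure exists on a given instance. The queries below are added here for that purpose and are not part of the advisory; they use only standard Oracle data-dictionary views. The DROP USER statement is the advisory's workaround; the REVOKE at the end is a general least-privilege measure added by the editor, not one of the advisory's listed workarounds, and is stated as an assumption that Oracle Text is not in use by other accounts.

```sql
-- Run as a DBA (for example SYS or SYSTEM).

-- 1. Is the CTXSYS schema installed at all? No row means the issue does not apply.
SELECT username, account_status, created
  FROM dba_users
 WHERE username = 'CTXSYS';

-- 2. Is the DRILOAD package present and valid?
SELECT owner, object_name, object_type, status
  FROM dba_objects
 WHERE owner = 'CTXSYS'
   AND object_name = 'DRILOAD'
   AND object_type IN ('PACKAGE', 'PACKAGE BODY');

-- 3. Who can execute it? A row with grantee = 'PUBLIC' means every account
--    that can log in is able to reach the package.
SELECT grantee, privilege, grantable
  FROM dba_tab_privs
 WHERE owner = 'CTXSYS'
   AND table_name = 'DRILOAD';

-- 4. What would injected SQL inherit? The roles held by CTXSYS are the
--    privileges the caller effectively gains.
SELECT granted_role, admin_option
  FROM dba_role_privs
 WHERE grantee = 'CTXSYS';

-- 5. Advisory workaround, only if Oracle Text is genuinely unused.
--    CASCADE is required because CTXSYS owns objects; take a backup first.
-- DROP USER ctxsys CASCADE;

-- 6. Editor's interim least-privilege measure (assumption: no other account
--    needs the package). Only meaningful if step 3 showed a PUBLIC grant;
--    test Oracle Text functionality afterwards, then apply the vendor patch.
-- REVOKE EXECUTE ON ctxsys.driload FROM PUBLIC;
```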
History:
5 January 2004 Oracle was informed
6 January 2004 Bug confirmed
31 August 2004 Oracle published Security Alert #68
References:
http://www.idefense.com/application/poi/display?id=136&type=vulnerabilities
http://www.us-cert.gov/cas/techalerts/TA04-245A.html
About Red-Database-Security GmbH
Red-Database-Security GmbH is a specialist in Oracle Security.
http://www.red-database-security.com/
info at red-database-security.com
(c) 2004 by Red-Database-Security GmbH