Red-Database-Security GmbH


Buffer Overflow in SYS_CONTEXT() in Oracle 9i Rel.2

Name              Buffer Overflow in SYS_CONTEXT() in Oracle9i Rel.2
Systems Affected  Oracle9i Rel. 2 (Windows platform only)
Severity          Medium Risk
Category          Buffer Overflow
Vendor URL        http://www.oracle.com
Author            Alexander Kornbrust (ak at red-database-security.com)
Date              15 Apr 2005 (V 1.01)
Advisory          RDS_20040903_2

Details

Any valid database user who can run SQL commands (e.g. via SQL*Plus) can trigger a buffer overflow
by abusing the SYS_CONTEXT() function. This vulnerability affects only the Windows versions of Oracle 9i Rel. 2 (9.2.0.0 - 9.2.0.4).

Oracle 9i Rel. 1 or Oracle 10g are NOT affected.

Workarounds

No workarounds available.

Patch Information

Please see MetaLink Document ID 281189.1 for the patch download procedures and for the Patch Availability Matrix for this Oracle Security Alert.


http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=281189.1

History:

2 September 2003   Oracle was informed
2 September 2003   Bug confirmed
31 August 2004     Oracle published alert 68

About Red-Database-Security GmbH

Red-Database-Security GmbH is a specialist in Oracle Security.

http://www.red-database-security.com/

info at red-database-security.com

(c) 2004 by Red-Database-Security GmbH