Buffer Overflow in DBMS_SYSTEM.KSDWRT() in Oracle8i - 9i

Name:             Buffer Overflow in DBMS_SYSTEM.KSDWRT() in Oracle8i - 9i
Systems Affected: Oracle 8i - Oracle9i (all platforms)
Severity:         Medium Risk
Category:         Denial of Service (Database Crash)
Vendor URL:       http://www.oracle.com
Author:           Alexander Kornbrust (ak at red-database-security.com)
Date:             15 Apr 2005 (V 1.01)
Details

An Oracle user with the permission to execute the dbms_system package can crash the entire database by passing a specially crafted parameter to the function KSDWRT(). By default only DBA users have access to this package.

Application developers, or the application itself, sometimes have access to this package in order to write messages into the alert.log, which widens the set of accounts able to trigger the crash. (Details on how to use this package for that purpose are published on OTN: http://otn.oracle.com/oramag/code/tips2003/011203.html)
Workaround

Revoke the EXECUTE grants on dbms_system from all users and roles that do not strictly need them.
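A defender-side check for this workaround, added here as an example and not part of the original advisory: it lists who currently holds EXECUTE on SYS.DBMS_SYSTEM, directly or through a role, and then revokes the direct grants from every grantee except an assumed keep-list. The keep-list (SYS, SYSTEM) and the use of a PL/SQL loop with dynamic SQL are my choices, not the advisory's; adjust the keep-list to the accounts that legitimately need the package before running step 3. Old-style joins are used so the statements also run on 8i.

```sql
-- Added example (not part of the advisory). Run as SYS or a DBA.
-- Assumes the standard Oracle 8i/9i data dictionary views
-- DBA_TAB_PRIVS and DBA_ROLE_PRIVS.

-- 1. Who holds EXECUTE on DBMS_SYSTEM directly (users, roles or PUBLIC)?
SELECT grantee, privilege, grantable
  FROM dba_tab_privs
 WHERE owner = 'SYS'
   AND table_name = 'DBMS_SYSTEM';

-- 2. Which users or roles inherit it through a role that was granted the package?
--    An application account that shows up here can still call KSDWRT()
--    even if it has no direct grant.
SELECT rp.grantee AS holder, tp.grantee AS via_role
  FROM dba_tab_privs tp, dba_role_privs rp
 WHERE rp.granted_role = tp.grantee
   AND tp.owner = 'SYS'
   AND tp.table_name = 'DBMS_SYSTEM';

-- 3. Revoke every direct EXECUTE grant except from the keep-list.
--    The keep-list below is an assumption for this example; revoking from a
--    role removes the privilege from every member of that role, and revoking
--    from PUBLIC removes it for everyone who had it only that way.
SET SERVEROUTPUT ON
DECLARE
  CURSOR c_grants IS
    SELECT grantee
      FROM dba_tab_privs
     WHERE owner = 'SYS'
       AND table_name = 'DBMS_SYSTEM'
       AND privilege = 'EXECUTE'
       AND grantee NOT IN ('SYS', 'SYSTEM');   -- assumed keep-list
BEGIN
  FOR r IN c_grants LOOP
    -- grantee names come from the dictionary and are already upper case,
    -- so they can be concatenated into the REVOKE without quoting
    EXECUTE IMMEDIATE 'REVOKE EXECUTE ON sys.dbms_system FROM ' || r.grantee;
    DBMS_OUTPUT.PUT_LINE('Revoked EXECUTE on DBMS_SYSTEM from ' || r.grantee);
  END LOOP;
END;
/

-- 4. Re-run query 1: only the keep-list should remain.
```

Run step 1 and 2 first and keep the output as a record; step 3 is only safe once you know which of the listed grantees really write to the alert.log. If an application must keep that ability, grant EXECUTE to that one dedicated account rather than to a shared role or to PUBLIC, so the crash described above can only be triggered from a single, auditable account.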
Patch Information

Please see MetaLink Document ID 281189.1 for the patch download procedures and for the Patch Availability Matrix for this Oracle Security Alert.
History

24 July 2003    Oracle was informed
24 July 2003    Bug confirmed
31 August 2004  Oracle published alert 68
About Red-Database-Security GmbH
Red-Database-Security GmbH is a specialist in Oracle Security.
(c) 2004 by Red-Database-Security GmbH