Red-Database-Security GmbH is specialized in Oracle SecurityProductsRepscan 2.5 Hedgehog Enterprise Checkpwd (free)
Services
Information
Company |
Buffer Overflow in DBMS_REPCAT_ADMIN in Oracle 9i
Details Buffer Overflow in DBMS_REPCAT_ADMIN. This package has EXECUTE permission granted to SYSDBA or EXECUTE_CATALOG_ROLE. Members of these groups can exploit this vulnerability and crash the database or execute arbitrary code. Example BEGIN DBMS_REPCAT_ADMIN.REGISTER_USER_REPGROUP ('sys', 'longstring', ''); END; BEGIN DBMS_REPCAT_ADMIN.UNREGISTER_USER_REPGROUP ('sys', 'longstring', ''); END; Patch Information Apply the latest Oracle Security patches (e.g. CPU October 2004 or at least alert 68). © 2005 by Red-Database-Security GmbH - last update 02-nov-2005 |
Definition Exploit |