Red-Database-Security GmbH is specialized in Oracle Security

Products
Repscan 2.5
Hedgehog Enterprise
Checkpwd (free)

Services
Oracle Audit / Hardening
Security Training
Consulting

Information
Oracle Security Blog
Published Alerts
Upcoming Alerts
Patch Information
Whitepaper
Presentations
Oracle Fact Sheets
Exploits
Tutorials
Videos
Scripts

News & Events
Events
News

Company
Contact
People
Partner
Impressum
Sitemap


Search



Search Red-Database-Security
Oracle CPU July 2005 - Silently fixed bugs - V1.02


After reading all the documentation and some tests with the CPU July 2005 I found out that Oracle fixed some security bugs silently without mention these bugs in their current risk matrix.

Detailed information about most of these bugs are not available via Metalink but in many cases the description is
sufficient for a malicious attacker (e.g. "/DAV_PUBLIC IS NOT PROTECTED BY DEFAULT ENABLING MALITIOUS USER TO FILL IT UP").

For OHS 9.0.2.3:

3174425 - OHS CRASHES WITH A SPECIFIC REQUEST
3396862 - MOD_OSSO DOES NOT EXPIRE PARTNER APPLICATION COOKIES

For Mod_Oradav 9.0.2.3:

2544464 - ORAALTPASSWORD SHOULD BE ENCRYPTED AND NOT JUST OBFUSCATED

For Webcache 9.0.2.3:

2972458 - WEBCACHE SERVES DOCUMENTS AT 40 BIT ENCRYPTION WHEN 128 SPECIFIED IN OHS

For OHS 9.0.3.1:

3164583 - INACTIVITY TIMEOUT CAN BE BYPASSED USING BROWSER BACK BUTTON
2701804 - OHS HANGS: NO BUFFER SPACE AVAILABLE: ACCEPT: (CLIENT SOCKET)
3174425 - OHS CRASHES WITH A SPECIFIC REQUEST

For DB 9.0.1.4 or DB 9.0.1.5:

3889519 - UPLOAD IN SSL DOES NOT WORK WITH IE AFTER SECALERT 68 OR DB PATCH 9015

DB 9.0.1.5Fips Patch 4 : 4340015

4067484 SSO SERVER XSS CHECK

DB 9.0.1.5Fips Patch 2 : 4210722

2605435 : MEMORY LEAK WHEN EXECUTING A QUERY THROUGH TAF CONNECTION



References


History
  • 1.02 - New Layout (3-nov-2005)
  • 1.00 - Initial Version

Excerpt from the Patch README Files
###########################################
README for 4393850 Patch Details

Oracle Critical Patch Update July 2005
Release Notes for Oracle Application Server Version 9.0.2.3

For OHS 9.0.2.3:
3174425 - OHS CRASHES WITH A SPECIFIC REQUEST
3396862 - MOD_OSSO DOES NOT EXPIRE PARTNER APPLICATION COOKIES

For Mod_Oradav 9.0.2.3:
2544464 - ORAALTPASSWORD SHOULD BE ENCRYPTED AND NOT JUST OBFUSCATED

For Webcache 9.0.2.3
2972458 - WEBCACHE SERVES DOCUMENTS AT 40 BIT ENCRYPTION WHEN 128 SPECIFIED IN OHS

###########################################
README for 4437086 Patch Details

Oracle Critical Patch Update July 2005
Release Notes for Oracle Database Server Version 9.0.1.5 Patch 7

OHS 9.0.2.3:
3174425 - OHS CRASHES WITH A SPECIFIC REQUEST
3396862 - MOD_OSSO DOES NOT EXPIRE PARTNER APPLICATION COOKIES

For Mod_Oradav 9.0.2.3:
2544464 - ORAALTPASSWORD SHOULD BE ENCRYPTED AND NOT JUST OBFUSCATED

For Webcache 9.0.2.3
2972458 - WEBCACHE SERVES DOCUMENTS AT 40 BIT ENCRYPTION WHEN 128 SPECIFIED IN OHS

###########################################
README for 4392477 Patch Details

Oracle Critical Patch Update July 2005
Release Notes for Oracle Database Server Version 9.0.1.5

OHS 9.0.2.3:
3174425 - OHS CRASHES WITH A SPECIFIC REQUEST
3396862 - MOD_OSSO DOES NOT EXPIRE PARTNER APPLICATION COOKIES

For Mod_Oradav 9.0.2.3:
2544464 - ORAALTPASSWORD SHOULD BE ENCRYPTED AND NOT JUST OBFUSCATED

For Webcache 9.0.2.3
2972458 - WEBCACHE SERVES DOCUMENTS AT 40 BIT ENCRYPTION WHEN 128 SPECIFIED IN OHS

###########################################
For OHS 9.0.3.1:

3164583 - INACTIVITY TIMEOUT CAN BE BYPASSED USING BROWSER BACK BUTTON
2701804 - OHS HANGS: NO BUFFER SPACE AVAILABLE: ACCEPT: (CLIENT SOCKET)
3174425 - OHS CRASHES WITH A SPECIFIC REQUEST

For Mod_Oradav 9.0.3.1
2544464 - ORAALTPASSWORD SHOULD BE ENCRYPTED AND NOT JUST OBFUSCATED

For DB 9.0.1.4 or DB 9.0.1.5
3889519 - UPLOAD IN SSL DOES NOT WORK WITH IE AFTER SECALERT 68 OR DB PATCH 9015

###########################################
README for 4393858 Patch Details

Oracle Critical Patch Update July 2005
Release Notes for Oracle Application Server Version 9.0.4.0

For DB 9.0.1.5FIPS:
3889519 - UPLOAD IN SSL DOES NOT WORK WITH IE AFTER SECALERT 68 OR DB PATCH 9015

###########################################
README for 4415825 Patch Details

Oracle Critical Patch Update July 2005
Release Notes for Oracle Database Server Version 9.0.1.5FIPS

For DB 9.0.1.5FIPS:
3889519 - UPLOAD IN SSL DOES NOT WORK WITH IE AFTER SECALERT 68 OR DB PATCH 9015

###########################################
README for 4437081 Patch Details

Oracle Critical Patch Update July 2005
Release Notes for Oracle Database Server Version 9.0.1.5FIPS Patch 5

DB 9.0.1.5Fips Patch 4 : 4340015

4067484 SSO SERVER XSS CHECK

DB 9.0.1.5Fips Patch 2 : 4210722
2605435 : MEMORY LEAK WHEN EXECUTING A QUERY THROUGH TAF CONNECTION

###########################################


2005 by Red-Database-Security GmbH - last update 03-nov-2005

Oracle Patch Policy

Vulnerability Fixing Order of Oracke Vulnerabilities

  • Main line of Code
  • New Products (e.g. 10g Rel. 2)
  • Patchsets for older products (e.g. 9.2.0.7)
  • Critical Patch Update

More information available on Oracle OTN:

Security Vulnerability Fixing Policy and Process