TUCoPS :: Oracle :: c07-2088.htm

Oracle Buffer Overflow in DBMS_LOGMNR.ADD_LOGFILE
Oracle Buffer Overflow in DBMS_LOGMNR.ADD_LOGFILE
Oracle Buffer Overflow in DBMS_LOGMNR.ADD_LOGFILE



This is a multi-part message in MIME format.
--------------030406070605020603050401
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Oracle Database Buffer overflow vulnerabilities in procedure
DBMS_LOGMNR.ADD_LOGFILE (DB04)

AppSecInc Team SHATTER Security Advisory
http://www.appsecinc.com/resources/alerts/oracle 
Jan 18, 2007

Affected versions:  Oracle Database Server versions 9iR2

Risk level:  Medium

Remote exploitable:  Yes (Authentication to Database Server is needed)

Credits:  This vulnerability was discovered and researched by Esteban
Mart=EDnez Fay=F3 of Application Security Inc.

Details:
Oracle Database Server provides the DBMS_LOGMNR package that contains
procedures used to initialize the LogMiner tool. This package contains
the procedure ADD_LOGFILE which is vulnerable to buffer overflow attacks.

Impact:
Any Oracle database user with EXECUTE privilege on the package
SYS.DBMS_LOGMNR can exploit this vulnerability. Exploitation of this
vulnerability allows an attacker to execute arbitrary code. It can also
be exploited to cause DOS (Denial of service) killing Oracle server
process.

Vendor Status:
Vendor was contacted and a patch was released.

Workaround:
Restrict access to the SYS.DBMS_LOGMNR package.

Fix:
Apply Oracle Critical Patch Update January 2007 available at Oracle
Metalink.

Links:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html 
http://www.appsecinc.com/resources/alerts/oracle 

- --
_____________________________________________
Application Security, Inc.
www.appsecinc.com 
AppSecInc is the leading provider of database security solutions for the
enterprise. AppSecInc products proactively secure enterprise
applications at more than 300 organizations around the world by
discovering, assessing, and protecting the database against rapidly
changing security threats. By securing data at its source, we enable
organizations to more confidently extend their business with customers,
partners and suppliers. Our security experts, combined with our strong
support team, deliver up-to-date application safeguards that minimize
risk and eliminate its impact on business.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org 

iD8DBQFFt+0p9EOAcmTuFN0RAjDuAKDL763jeKhKDoY7YkDYjmVTnKpW1gCfQ1vL
eLSOyryW3ZT+IVNlyBrmOHc=Abub
-----END PGP SIGNATURE-----

--------------030406070605020603050401
Content-Type: application/pgp-keys;
 name="0x64EE14DD.asc"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
 filename="0x64EE14DD.asc"

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.5 (MingW32)

mQGiBEWAUVwRBACEG29buZQSuLf2SYbTta43vwYucTwd4NA+tpgMNCyYhZPTZLGD
ra+Mg+Sj3Mv6RFQjMflKJkz0P/jnfCOqVyJWTIFdouvWh9fTU4XBikUdtU+3ZLmO
YvLAehJHMZqLUXd+wxcC+T/7qFioBoxVfZkfUfyXu2rdL6MRClGNp7w+twCg3D/f
lD8DT5Tls08gpMwAt3w6L+MD/1Qfn1vkOjo9WtDdKSodJ1Gz6XjRE4epZi2GqN5T
8dnC+4vmg8j8t9eQgkDa+kZ7Ke6MYbh69XthB9Jb3u+gNzhqHqNWZizOQH5IBYOD
orki10llvU4tEOaqWbZ0R//Z7vRmA5hPcczA8KMvHjqQGUbccasVswPiBMJIhXwj
dZqLA/99kpdCcxTKYZeW0o459BciJQULWyr6q7x6E1tjuhOFMeB6B+M4cLI50nkW
4+GXlgGbiQqO4eC9j3pkcmLXeZECLKKB5/sjixoorHBVUICrn0260ZkSbTNv9TyQ
DY1OJDwzOESNbnFiVxkDvLo3lssSlAR3i18rf3QSTepUNnkgALQkVGVhbSBTSEFU
VEVSIDxzaGF0dGVyQGFwcHNlY2luYy5jb20+iGYEExECACYFAkWAUVwCGyMFCQlm
AYAGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRD0Q4ByZO4U3WgWAJ9EjeTQI058
R1H1cG5nG08OijKi0QCfWRk3gCo/VJwDUZZTRu4ZAPAH6Nu5Ag0ERYBRZRAIAODL
A0pnKYiMIcRZLSpXmbSNSn8b7R91COkTjIGH85mR10e5406T37eh/Y3GViEe9WRY
phRf611ELeeiPsd9B6vCJzv5WNkVSk4n7WLfDjMkWWFZezeNDUKL3EsggR/xEWAD
yjvf4KVY6R2mLuk+oROoBGoY5028b6A+UmTiXh+0LdBxWoFHnYSXjfSXVUA+UoVV
uiews20akOgtwTcaVFg4w1eNyI59WtBWIomYpQSzc/LXcBfjGpcb+gqTUieFrBDI
IZVdu2LfaCaiRxse3KpZ89sGQDE6hBMvs8MbveRK71ZWH9fQI8jLg9KYOMtOzgJR
PqwGE7ub7TsF0CQQet8AAwUIANgKq9nxGjkq+2Bto6sBtzeGPm+9bAYaAxVtggeC
XR0/+i1B8L/OUA0m68Z2O0ZazXNQyl/xVBnHdVsg/Enxht3BxkU3/79pYLFuSiut
YAtdeIHVDwr4qqPfccEFUSKRWyclXHrwfPnDIcsaFIVyWMJ9OPQDJPcF5TXFBdY+
nh9bNPSCSpeDsXZqC9C5t3AkAOebCBDtncTxM5cg2kdzqfFo6+eg40RT95A+VHfj
GpRJPodT1RpvqqUQUnfl74jPm4VMymlSpHD7CUdhrbxDCCTpU3/U3lCyK78zuHGy
ENhPsKGtbb0Q22RsD1agTnm3Ou6ffPQl8W2H0RJnbA//JeGITwQYEQIADwUCRYBR
ZQIbDAUJCWYBgAAKCRD0Q4ByZO4U3XApAKCfBsYVhoZlRdqpPr6aIAyj4niJUgCg
mbaBonhsctYLDlaAchDUXapQE8k=sBRf
-----END PGP PUBLIC KEY BLOCK-----


--------------030406070605020603050401--

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH