COMMAND

Oracle Reports Server buffer overflow

SYSTEMS AFFECTED

Oracle 9iAS

PROBLEM

In NGSSoftware Insight Security Research advisory [http://www.ngssoftware.com/]:

Oracle's Report Server contains a remotely exploitable buffer overrun vulnerability in one of its CGI-based programs. By supplying an overly long database name parameter to the rwcgi60 with the setauth method, a remote attacker can overwrite a saved return address on the stack, gaining control over the process's execution. Any exploit code supplied by the attacker will run in the security context of the account the web server is running as. Normally on platforms running a Unix variant the account has limited privileges; however, on Windows-based systems the web server, by default, runs in the context of the local SYSTEM account.

SOLUTION

Oracle have now released patches which are available from the Metalink site. The patch number is 2356680.
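
Until the patch is applied, the request shape the advisory describes (a call to rwcgi60 using setauth with an overly long parameter value) can be looked for in web server access logs. The following Python is an added example, not part of the NGSSoftware advisory or any Oracle tooling; the Common Log Format input, the 256-character threshold, the sample URL path and the parameter name `db` are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Assumption: longest legitimate parameter value; tune to local traffic.
MAX_VALUE_LEN = 256

# Common Log Format: client first, then the quoted request "METHOD target PROTO".
REQUEST_RE = re.compile(r'^(\S+) .*?"[A-Z]+ (\S+)(?: HTTP/[\d.]+)?"')

# Constructed sample lines (documentation IP ranges, hypothetical path and "db" name).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2002:10:00:00 +0000] '
    '"GET /cgi-bin/rwcgi60/setauth?db=orcl HTTP/1.0" 200 512',
    '198.51.100.7 - - [01/Jan/2002:10:00:05 +0000] '
    '"GET /cgi-bin/rwcgi60/setauth?db=' + "A" * 2000 + ' HTTP/1.0" 500 0',
    '192.0.2.11 - - [01/Jan/2002:10:00:09 +0000] '
    '"GET /index.html?q=' + "B" * 2000 + ' HTTP/1.0" 200 100',
]

def longest_value(target):
    """Return (name, decoded length) of the longest query-string value."""
    query = urlsplit(target).query
    pairs = parse_qsl(query, keep_blank_values=True)
    if not pairs:
        return ("", len(query))  # no key=value structure: measure the raw query
    name, value = max(pairs, key=lambda kv: len(kv[1]))
    return (name, len(value))

def find_suspect_requests(lines, max_len=MAX_VALUE_LEN):
    """Flag rwcgi60 setauth requests carrying an over-long parameter value."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, target = m.groups()
        lowered = target.lower()
        if "rwcgi60" not in lowered or "setauth" not in lowered:
            continue
        name, length = longest_value(target)
        if length > max_len:
            hits.append((client, name, length))
    return hits

if __name__ == "__main__":
    for client, name, length in find_suspect_requests(SAMPLE_LOG):
        print(f"{client}: parameter {name!r} is {length} characters long")
```

Access logs record only the request line, so a long value sent in a POST body would not be seen by this check.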