TUCoPS :: Oracle :: c07-2092.htm

Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL
Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL
Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL



This is a multi-part message in MIME format.
--------------000007060107070607060309
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Oracle Database Buffer overflow vulnerabilities in procedures of package
DBMS_CAPTURE_ADM_INTERNAL (DB09)

AppSecInc Team SHATTER Security Advisory
http://www.appsecinc.com/resources/alerts/oracle 
Jan 18, 2007

Affected versions: Oracle Database Server versions 9iR1, 9iR2 and 10gR1

Risk level: Medium

Remote exploitable:  Yes (Authentication to Database Server is needed)

Credits:  This vulnerability was discovered and researched by Esteban
Mart=EDnez Fay=F3 of Application Security Inc.

Details:
Oracle Database Server provides the DBMS_CAPTURE_ADM_INTERNAL package
that is used internally by the Streams Change Data Capture component.
This package contains the procedures CREATE_CAPTURE, ALTER_CAPTURE,
ABORT_TABLE_INSTANTIATION that are vulnerable to buffer overflow attacks.

Impact:
Any Oracle database user with EXECUTE privilege on the package
SYS.DBMS_CAPTURE_ADM_INTERNAL can exploit this vulnerability.
Exploitation of this vulnerability allows an attacker to execute
arbitrary code. It can also be exploited to cause DOS (Denial of
service) killing Oracle server process.

Vendor Status:
Vendor was contacted and a patch was released.

Workaround:
Restrict access to the SYS.DBMS_CAPTURE_ADM_INTERNAL package.

Fix:
Apply Oracle Critical Patch Update January 2007 available at Oracle
Metalink.

Links:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html 
http://www.appsecinc.com/resources/alerts/oracle 

- --
_____________________________________________
Application Security, Inc.
www.appsecinc.com 
AppSecInc is the leading provider of database security solutions for the
enterprise. AppSecInc products proactively secure enterprise
applications at more than 300 organizations around the world by
discovering, assessing, and protecting the database against rapidly
changing security threats. By securing data at its source, we enable
organizations to more confidently extend their business with customers,
partners and suppliers. Our security experts, combined with our strong
support team, deliver up-to-date application safeguards that minimize
risk and eliminate its impact on business.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org 

iD8DBQFFt+779EOAcmTuFN0RAghNAJ9au2zMaTryG5FlsOYhzCOpUUPPMgCgrxBy
kFo9nef8098NsSBFvq6cbqU=c+cz
-----END PGP SIGNATURE-----

--------------000007060107070607060309
Content-Type: application/pgp-keys;
 name="0x64EE14DD.asc"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
 filename="0x64EE14DD.asc"

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.5 (MingW32)

mQGiBEWAUVwRBACEG29buZQSuLf2SYbTta43vwYucTwd4NA+tpgMNCyYhZPTZLGD
ra+Mg+Sj3Mv6RFQjMflKJkz0P/jnfCOqVyJWTIFdouvWh9fTU4XBikUdtU+3ZLmO
YvLAehJHMZqLUXd+wxcC+T/7qFioBoxVfZkfUfyXu2rdL6MRClGNp7w+twCg3D/f
lD8DT5Tls08gpMwAt3w6L+MD/1Qfn1vkOjo9WtDdKSodJ1Gz6XjRE4epZi2GqN5T
8dnC+4vmg8j8t9eQgkDa+kZ7Ke6MYbh69XthB9Jb3u+gNzhqHqNWZizOQH5IBYOD
orki10llvU4tEOaqWbZ0R//Z7vRmA5hPcczA8KMvHjqQGUbccasVswPiBMJIhXwj
dZqLA/99kpdCcxTKYZeW0o459BciJQULWyr6q7x6E1tjuhOFMeB6B+M4cLI50nkW
4+GXlgGbiQqO4eC9j3pkcmLXeZECLKKB5/sjixoorHBVUICrn0260ZkSbTNv9TyQ
DY1OJDwzOESNbnFiVxkDvLo3lssSlAR3i18rf3QSTepUNnkgALQkVGVhbSBTSEFU
VEVSIDxzaGF0dGVyQGFwcHNlY2luYy5jb20+iGYEExECACYFAkWAUVwCGyMFCQlm
AYAGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRD0Q4ByZO4U3WgWAJ9EjeTQI058
R1H1cG5nG08OijKi0QCfWRk3gCo/VJwDUZZTRu4ZAPAH6Nu5Ag0ERYBRZRAIAODL
A0pnKYiMIcRZLSpXmbSNSn8b7R91COkTjIGH85mR10e5406T37eh/Y3GViEe9WRY
phRf611ELeeiPsd9B6vCJzv5WNkVSk4n7WLfDjMkWWFZezeNDUKL3EsggR/xEWAD
yjvf4KVY6R2mLuk+oROoBGoY5028b6A+UmTiXh+0LdBxWoFHnYSXjfSXVUA+UoVV
uiews20akOgtwTcaVFg4w1eNyI59WtBWIomYpQSzc/LXcBfjGpcb+gqTUieFrBDI
IZVdu2LfaCaiRxse3KpZ89sGQDE6hBMvs8MbveRK71ZWH9fQI8jLg9KYOMtOzgJR
PqwGE7ub7TsF0CQQet8AAwUIANgKq9nxGjkq+2Bto6sBtzeGPm+9bAYaAxVtggeC
XR0/+i1B8L/OUA0m68Z2O0ZazXNQyl/xVBnHdVsg/Enxht3BxkU3/79pYLFuSiut
YAtdeIHVDwr4qqPfccEFUSKRWyclXHrwfPnDIcsaFIVyWMJ9OPQDJPcF5TXFBdY+
nh9bNPSCSpeDsXZqC9C5t3AkAOebCBDtncTxM5cg2kdzqfFo6+eg40RT95A+VHfj
GpRJPodT1RpvqqUQUnfl74jPm4VMymlSpHD7CUdhrbxDCCTpU3/U3lCyK78zuHGy
ENhPsKGtbb0Q22RsD1agTnm3Ou6ffPQl8W2H0RJnbA//JeGITwQYEQIADwUCRYBR
ZQIbDAUJCWYBgAAKCRD0Q4ByZO4U3XApAKCfBsYVhoZlRdqpPr6aIAyj4niJUgCg
mbaBonhsctYLDlaAchDUXapQE8k=sBRf
-----END PGP PUBLIC KEY BLOCK-----


--------------000007060107070607060309--

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH