Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
|
|
|
|
|
|
|
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
|
|
|
|
Become a Partner and License Our Database or Notification Service
|
|
|
|
|
|
|
|
|
|
|
|
|
Oracle Database Server Buffer Overflow in TO_TIMESTAMP_TZ Function May Let Remote Users Execute Arbitrary Code
|
|
SecurityTracker Alert ID: 1006095 |
|
SecurityTracker URL: http://securitytracker.com/id/1006095
|
|
CVE Reference:
GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Feb 13 2003
|
Impact:
Execution of arbitrary code via network, User access via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): Oracle9i Database Release 2, Oracle9i Database Release 1, Oracle8i Database v 8.1.7, Oracle8 Database v 8.0.6
|
Description:
A buffer overflow vulnerability was reported in the Oracle Database Server. A remote authenticated user may be able to cause arbitrary code to be executed on the server.
It was reported that the TO_TIMESTAMP_TZ function contains a buffer overflow. A remote authenticated user can provide a specially crafted value for the parameter to potentially execute arbitrary code.
No further details were provided.
Oracle Corporation credits Mark Litchfield of Next Generation Security Software Ltd. with reporting this flaw.
|
Impact:
A remote authenticated user may be able to execute arbitrary code on the database server.
|
Solution:
The vendor has released fixes. The fix is available in Oracle9i Database Release 2 v 9.2.0.3 patchset, Oracle9i Database Release 2 v 9.2.0.2, Oracle9i Database Release 1 v 9.0.1.4, in Oracle8i Database v 8.1.7.4, in Oracle8i Database v 8.1.7.2, and in Oracle8i Database v 8.1.7.0. A fix for Oracle8 Database v 8.0.6 is available on demand.
See the advisory for a patch matrix indicating patch versions and availability.
Patches are available at:
http://metalink.oracle.com
|
Vendor URL: otn.oracle.com/deploy/security/pdf/2003alert50.pdf (Links to External Site)
|
Cause:
Boundary error
|
Underlying OS:
Linux (Any), UNIX (AIX), UNIX (HP/UX), UNIX (Solaris - SunOS), UNIX (Tru64), Windows (NT), Windows (2000), Windows (XP)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Wed, 12 Feb 2003 23:25:40 -0500
Subject: Oracle database bugs
|
Oracle issued four security alerts, warning of various flaws in the Oracle9i Database Server. Each
is summarized below.
-----
http://otn.oracle.com/deploy/security/pdf/2003alert48.pdf
Oracle Security Alert #48
Dated: 11 February 2003
Severity: 1
Bug number: 2642117
Versions: Oracle9i Database Release 2, Oracle9i Database Release 1, Oracle8i Database v 8.1.7,
Oracle8 Database v 8.0.6
A buffer overflow was reported in the DIRECTORY parameter of the BFILENAME function. A remote
authenticated user can cause arbitrary code to be executed.
The vendor has released fixes. The fix is available in Oracle9i Database Release 2 v 9.2.0.3
patchset, Oracle9i Database Release 2 v 9.2.0.2, Oracle9i Database Release 1 v 9.0.1.4, and in
Oracle8i Database v 8.1.7.4. A fix for Oracle8 Database v 8.0.6 is available on demand.
See the advisory for a patch matrix indicating patch versions and availability.
Patches are available at:
http://metalink.oracle.com
Oracle Corporation credits David Litchfield of Next Generation Security Software Ltd. with reporting
this flaw.
-----
http://otn.oracle.com/deploy/security/pdf/2003alert49.pdf
Oracle Security Alert #49
Dated: 11 February 2003
Severity: 1
Bug number: 2642267
Versions: Oracle9i Database Release 2, Oracle9i Database Release 1, Oracle8i Database v 8.1.7,
Oracle8 Database v 8.0.6
A buffer overflow vulnerability was reported in the TZ_OFFSET function of the Oracle9i Database.
The vendor has released fixes. The fix is available in Oracle9i Database Release 2 v 9.2.0.3
patchset, Oracle9i Database Release 2 v 9.2.0.2, Oracle9i Database Release 1 v 9.0.1.4, in Oracle8i
Database v 8.1.7.4, in Oracle8i Database v 8.1.7.2, and in Oracle8i Database v 8.1.7.0. A fix for
Oracle8 Database v 8.0.6 is available on demand.
See the advisory for a patch matrix indicating patch versions and availability.
Patches are available at:
http://metalink.oracle.com
Oracle Corporation credits Mark Litchfield of Next Generation Security Software Ltd. with reporting
this flaw.
-----
http://otn.oracle.com/deploy/security/pdf/2003alert50.pdf
Oracle Security Alert #50
Dated: 11 February 2003
Severity: 1
Bug number: 2642439
Versions: Oracle9i Database Release 2, Oracle9i Database Release 1, Oracle8i Database v 8.1.7,
Oracle8 Database v 8.0.6
A buffer overflow vulnerability was reported in the TO_TIMESTAMP_TZ function of the Oracle9i
Database.
The vendor has released fixes. The fix is available in Oracle9i Database Release 2 v 9.2.0.3
patchset, Oracle9i Database Release 2 v 9.2.0.2, Oracle9i Database Release 1 v 9.0.1.4, in Oracle8i
Database v 8.1.7.4, in Oracle8i Database v 8.1.7.2, and in Oracle8i Database v 8.1.7.0. A fix for
Oracle8 Database v 8.0.6 is available on demand.
See the advisory for a patch matrix indicating patch versions and availability.
Patches are available at:
http://metalink.oracle.com
Oracle Corporation credits Mark Litchfield of Next Generation Security Software Ltd. with reporting
this flaw.
-----
http://otn.oracle.com/deploy/security/pdf/2003alert51.pdf
Oracle Security Alert # 51
Dated: 11 February 2003
Severity: 1
Bug number: 2620726
Versions: Oracle9i Database Release 2, Oracle9i Database Release 1, Oracle8i Database v 8.1.7,
Oracle8 Database v 8.0.6
A buffer overflow vulnerability was reported in the ORACLE.EXE binary of the Oracle9i Database.
According to the report, this flaw can only be exploited via a client application that does not
properly limit the size of data sent to the server.
The vendor has released fixes. The fix is available in Oracle9i Database Release 2 v 9.2.0.3
patchset, Oracle9i Database Release 2 v 9.2.0.2, Oracle9i Database Release 1 v 9.0.1.4, and in
Oracle8i Database v 8.1.7.4. A fix for Oracle8 Database v 8.0.6 is available on demand.
See the advisory for a patch matrix indicating patch versions and availability.
Patches are available at:
http://metalink.oracle.com
Oracle Corporation credits Mark Litchfield of Next Generation Security Software Ltd. with reporting
this flaw.
-----
|
|
Go to the Top of This SecurityTracker Archive Page
|
