Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
|
|
|
|
|
|
|
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
|
|
|
|
Become a Partner and License Our Database or Notification Service
|
|
|
|
|
|
|
|
|
|
|
|
|
Oracle Database Server Buffer Overflow in ORACLE.EXE Binary May Let Remote Users Execute Arbitrary Code
|
|
SecurityTracker Alert ID: 1006096 |
|
SecurityTracker URL: http://securitytracker.com/id/1006096
|
|
CVE Reference:
GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Feb 13 2003
|
Impact:
Execution of arbitrary code via network, User access via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): Oracle9i Database Release 2, Oracle9i Database Release 1, Oracle8i Database v 8.1.7, Oracle8 Database v 8.0.6
|
Description:
A buffer overflow vulnerability was reported in the Oracle Database Server. A remote authenticated user may be able to cause arbitrary code to be executed on the server.
It was reported that the ORACLE.EXE binary of the Oracle Database contains a buffer overflow. A remote authenticated user can provide a specially crafted value to the binary to potentially execute arbitrary code.
According to the report, this flaw can only be exploited via a client application that does not properly limit the size of data sent to the server.
Oracle Corporation credits Mark Litchfield of Next Generation Security Software Ltd. with reporting this flaw.
|
Impact:
A remote authenticated user may be able to execute arbitrary code on the database server.
|
Solution:
The vendor has released fixes. The fix is available in Oracle9i Database Release 2 v 9.2.0.3 patchset, Oracle9i Database Release 2 v 9.2.0.2, Oracle9i Database Release 1 v 9.0.1.4, and in Oracle8i Database v 8.1.7.4. A fix for Oracle8 Database v 8.0.6 is available on demand.
See the advisory for a patch matrix indicating patch versions and availability.
Patches are available at:
http://metalink.oracle.com
|
Vendor URL: otn.oracle.com/deploy/security/pdf/2003alert51.pdf (Links to External Site)
|
Cause:
Boundary error
|
Underlying OS:
Linux (Any), UNIX (AIX), UNIX (HP/UX), UNIX (Solaris - SunOS), UNIX (Tru64), Windows (NT), Windows (2000), Windows (XP)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Wed, 12 Feb 2003 23:25:40 -0500
Subject: Oracle database bugs
|
Oracle issued four security alerts, warning of various flaws in the Oracle9i Database Server. Each
is summarized below.
-----
http://otn.oracle.com/deploy/security/pdf/2003alert48.pdf
Oracle Security Alert #48
Dated: 11 February 2003
Severity: 1
Bug number: 2642117
Versions: Oracle9i Database Release 2, Oracle9i Database Release 1, Oracle8i Database v 8.1.7,
Oracle8 Database v 8.0.6
A buffer overflow was reported in the DIRECTORY parameter of the BFILENAME function. A remote
authenticated user can cause arbitrary code to be executed.
The vendor has released fixes. The fix is available in Oracle9i Database Release 2 v 9.2.0.3
patchset, Oracle9i Database Release 2 v 9.2.0.2, Oracle9i Database Release 1 v 9.0.1.4, and in
Oracle8i Database v 8.1.7.4. A fix for Oracle8 Database v 8.0.6 is available on demand.
See the advisory for a patch matrix indicating patch versions and availability.
Patches are available at:
http://metalink.oracle.com
Oracle Corporation credits David Litchfield of Next Generation Security Software Ltd. with reporting
this flaw.
-----
http://otn.oracle.com/deploy/security/pdf/2003alert49.pdf
Oracle Security Alert #49
Dated: 11 February 2003
Severity: 1
Bug number: 2642267
Versions: Oracle9i Database Release 2, Oracle9i Database Release 1, Oracle8i Database v 8.1.7,
Oracle8 Database v 8.0.6
A buffer overflow vulnerability was reported in the TZ_OFFSET function of the Oracle9i Database.
The vendor has released fixes. The fix is available in Oracle9i Database Release 2 v 9.2.0.3
patchset, Oracle9i Database Release 2 v 9.2.0.2, Oracle9i Database Release 1 v 9.0.1.4, in Oracle8i
Database v 8.1.7.4, in Oracle8i Database v 8.1.7.2, and in Oracle8i Database v 8.1.7.0. A fix for
Oracle8 Database v 8.0.6 is available on demand.
See the advisory for a patch matrix indicating patch versions and availability.
Patches are available at:
http://metalink.oracle.com
Oracle Corporation credits Mark Litchfield of Next Generation Security Software Ltd. with reporting
this flaw.
-----
http://otn.oracle.com/deploy/security/pdf/2003alert50.pdf
Oracle Security Alert #50
Dated: 11 February 2003
Severity: 1
Bug number: 2642439
Versions: Oracle9i Database Release 2, Oracle9i Database Release 1, Oracle8i Database v 8.1.7,
Oracle8 Database v 8.0.6
A buffer overflow vulnerability was reported in the TO_TIMESTAMP_TZ function of the Oracle9i
Database.
The vendor has released fixes. The fix is available in Oracle9i Database Release 2 v 9.2.0.3
patchset, Oracle9i Database Release 2 v 9.2.0.2, Oracle9i Database Release 1 v 9.0.1.4, in Oracle8i
Database v 8.1.7.4, in Oracle8i Database v 8.1.7.2, and in Oracle8i Database v 8.1.7.0. A fix for
Oracle8 Database v 8.0.6 is available on demand.
See the advisory for a patch matrix indicating patch versions and availability.
Patches are available at:
http://metalink.oracle.com
Oracle Corporation credits Mark Litchfield of Next Generation Security Software Ltd. with reporting
this flaw.
-----
http://otn.oracle.com/deploy/security/pdf/2003alert51.pdf
Oracle Security Alert # 51
Dated: 11 February 2003
Severity: 1
Bug number: 2620726
Versions: Oracle9i Database Release 2, Oracle9i Database Release 1, Oracle8i Database v 8.1.7,
Oracle8 Database v 8.0.6
A buffer overflow vulnerability was reported in the ORACLE.EXE binary of the Oracle9i Database.
According to the report, this flaw can only be exploited via a client application that does not
properly limit the size of data sent to the server.
The vendor has released fixes. The fix is available in Oracle9i Database Release 2 v 9.2.0.3
patchset, Oracle9i Database Release 2 v 9.2.0.2, Oracle9i Database Release 1 v 9.0.1.4, and in
Oracle8i Database v 8.1.7.4. A fix for Oracle8 Database v 8.0.6 is available on demand.
See the advisory for a patch matrix indicating patch versions and availability.
Patches are available at:
http://metalink.oracle.com
Oracle Corporation credits Mark Litchfield of Next Generation Security Software Ltd. with reporting
this flaw.
-----
|
|
Go to the Top of This SecurityTracker Archive Page
|
