Alexander Kornbrust Oracle Security Blog

During Oracle security audits we find from time to time the following (unsecure) code. Do you see the vulnerability and do you know how to exploit it?

Solution coming soon…
———-Code without exception handling—

FUNCTION CHGPWD (
P_USER VARCHAR2,
P_PWD VARCHAR2)
RETURN BOOLEAN IS

L_STMT VARCHAR2(255);

BEGIN

L_STMT:= ‚ALTER USER „‚ || P_USER || ‚“ IDENTIFIED BY „‚ || P_PWD||'“‚;

EXECUTE IMMEDIATE L_STMT;

RETURN TRUE;

END;

This entry was posted on Montag, Mai 28th, 2007 at 21:19 and is filed under Oracle Security, source code audit. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.