D.o.S. Exploit for Oracle 10.2.0.1/10.2.0.2 published on bugtraq

3 Nov 2007 von Alexander Kornbrust.

Yesterday an anonymous person (oraclefun@hushmail.com) posted an exploit for XDB_PITRIG_PKG.PITRIG_DROPMETADATA in Oracle 10.2 on the security mailing list bugtraq without any explanation about affected versions. I did a few tests and tested this exploit against my test databases. Unpatched Oracle 10.2.0.1 and 10.2.0.2 databases are terminated immediately.

This exploit is using IDS evasion techniques to avoid detection from network based IDS for Oracle.

To run this exploit only the privilege “create session” is required. 10.2.0.3 is not affected from this exploit.

Oracle 9i Rel. 1, 9i Rel. 2, 10g Rel.1 and 11g are not affected and throw error messages.

######### 9.2.0.8 , 10.1.0.5 #########
ERROR at line 22:
ORA-06550: line 22, column 1:
PLS-00201: identifier ‘XDB.XDB_PITRIG_PKG’ must be declared
ORA-06550: line 22, column 1:
PL/SQL: Statement ignored
#########

######### 10.2.0.3 or 11g #########
ERROR at line 1:
ORA-29329: Table not of type XMLType
ORA-06512: at “XDB.XDB_PITRIG_PKG”, line 127
ORA-06512: at line 22
#########

Geschrieben in Exploit, Oracle Security, Allgemein | Drucken | Keine Kommentare »