- Alexander Kornbrust Oracle Security Blog - http://blog.red-database-security.com -
Exploit for January CPU 2009 published
This entry was posted by Alexander Kornbrust on 21 Jan 2009 @ 20:50 in Oracle Security | No comments
Alexandr Polyakov, an Oracle security expert from Russia (reported findings in CPUJan2008 and CPUJul2008), has posted details of one of his Oracle 11g findings on the webpage of [1] dsecrg.com.
By using the following PL/SQL fragment
exec EXFSYS.DBMS_EXPFIL_DR.GET_EXPRSET_STATS('EXFSYS','EXF$VERSION','EXFVERSION','YYYYYYY'' and 1=EVILPROC()--')
it is possible to escalate privileges via SQL injection. More details (e.g. an extract from v$sql) can be found in their [2] advisory.
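The string-termination mechanism the fragment above relies on, and the defensive pattern that removes it, as an added illustration that is not part of the original post and not the EXFSYS package source: the procedure names, the parameters and the marker table are constructed for the demonstration.

```sql
-- Constructed illustration (not the EXFSYS code): a definer-rights procedure
-- that builds its statement by concatenating a caller-supplied value.
CREATE OR REPLACE PROCEDURE demo_get_stats_vuln (
    p_owner  IN  VARCHAR2,
    p_table  IN  VARCHAR2,
    p_marker IN  VARCHAR2,
    p_count  OUT NUMBER)
AUTHID DEFINER
AS
    l_sql VARCHAR2(4000);
BEGIN
    -- p_marker is spliced straight into a string literal. A value shaped like
    -- YYYYYYY' and 1=EVILPROC()-- closes that literal early, appends a call
    -- that runs with the package owner's privileges and comments out the rest.
    l_sql := 'SELECT COUNT(*) FROM ' || p_owner || '.' || p_table
          || ' WHERE marker = ''' || p_marker || '''';
    EXECUTE IMMEDIATE l_sql INTO p_count;
END;
/

-- Hardened form: identifiers are validated with DBMS_ASSERT (the only part
-- that cannot be bound), the value travels as a bind variable so it can
-- never alter the statement's structure, and the procedure runs with the
-- caller's rights where the design allows it.
CREATE OR REPLACE PROCEDURE demo_get_stats_safe (
    p_owner  IN  VARCHAR2,
    p_table  IN  VARCHAR2,
    p_marker IN  VARCHAR2,
    p_count  OUT NUMBER)
AUTHID CURRENT_USER
AS
    l_sql VARCHAR2(4000);
BEGIN
    -- SCHEMA_NAME raises ORA-44001 for an unknown schema; SIMPLE_SQL_NAME
    -- raises ORA-44003 for anything that is not a plain SQL identifier.
    l_sql := 'SELECT COUNT(*) FROM '
          || DBMS_ASSERT.SCHEMA_NAME(p_owner) || '.'
          || DBMS_ASSERT.SIMPLE_SQL_NAME(p_table)
          || ' WHERE marker = :m';
    EXECUTE IMMEDIATE l_sql INTO p_count USING p_marker;
END;
/
```

Calling demo_get_stats_safe with the marker value from the advisory simply counts rows whose marker column equals that literal string; no second statement is evaluated.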
Other advisories for the January 2009 CPU cover other Oracle Products like BEA Application Server, Oracle E-Business Suite and
This article was printed from Alexander Kornbrust Oracle Security Blog: http://blog.red-database-security.com
URL to article: http://blog.red-database-security.com/2009/01/21/exploit-for-january-cpu-2009-published/
URLs in this post:
[1] dsecrg.com: http://dsecrg.com/
[2] advisory: http://dsecrg.com/pages/vul/show.php?id=59
[3] Oracle EBusiness Suite Sensitive Information Disclosure Vulnerability: http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-01/msg00168.html
[4] Oracle Containers For Java Directory Traversal (OC4J) Oracle Application Server 10g (10.1.3.1.0) Oracle HTTP Server: http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-01/msg00179.html
[5] Oracle BEA Weblogic 10 - Multiple Linked XSS vulnerabilities: http://dsecrg.com/pages/vul/show.php?id=58
[6] Oracle Application Server (SOA) - Linked XSS vulnerability: http://dsecrg.com/pages/vul/show.php?id=57