Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Oracle :: bt-21883.htm

Oracle 10g CTXSYS.DRVXTABC - plsql injection



Oracle 10g CTXSYS.DRVXTABC - plsql injection
Oracle 10g CTXSYS.DRVXTABC - plsql injection





Digital Security Research Group [DSecRG] Advisory       #DSECRG-09-010
http://dsecrg.com/pages/vul/show.php?id=110 

Application:                    Oracle Database 10G 
Versions Affected:              Oracle 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4
Vendor URL: http://oracle.com 
Bugs:                           PL/SQL Injections
Exploits:                       YES
Reported:                       29.01.2008
Vendor response:                31.01.2008 
CVE:                            CVE-2009-1991 
SVSS2:                          3.6               
Date of Public Advisory:        26.10.2009
Authors:                        Alexandr Polyakov
                                Digital Security Research Group [DSecRG] (research [at] dsecrg [dot] com)

Description
***********

Oracle Database 10G and 9g vulnerable to PL/SQL Injection.
PL/SQL Injection found in procedure ctxsys.drvxtabc.create_tables

Details
*******

PL/SQL Injection found in procedure ctxsys.drvxtabc.create_tables 

ctxsys.drvxtabc.create_tables  has 3 parameters 

 idx_owner - varchar2
 idx_name  - varchar2
 idxid - number


idx_owner and idx_name are vulnerable to SQL Injection


*******
Example:


exec ctxsys.drvxtabc.create_tables('SH"."SH2KERR" (X NUMBER)--','yyyyyyyyy',2);


Fix Information
***************


Information was published in CPU October 2009.
All customers can download CPU patches following instructions from: 

http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2009.html 


Credits
*******

Oracle give a credits for Alexander Polyakov from Digital Security Company in CPU October 2009.

http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2009.html 

Current advisory:

http://dsecrg.com/pages/vul/show.php?id=110 



About
*****
Digital Security is one of the leading IT security companies in CEMEA, providing information security consulting, audit and penetration testing services, risk analysis and ISMS-related services and certification for ISO/IEC 27001:2005 and PCI DSS standards. Digital Security Research Group focuses on application and database security problems with vulnerability reports, advisories and whitepapers posted regularly on our website.


Contact:        research [at] dsecrg [dot] com
http://www.dsecrg.com 





TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH