[NEWS] Remote Denial of Service Vulnerability in Oracle9i SQL*NET
From: support@securiteam.comDate: 08/15/02
- Previous message: support@securiteam.com: "[NEWS] GoAhead Buffer Overflows (Multiple Slashes, Exploit)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: support@securiteam.com To: list@securiteam.com Date: Thu, 15 Aug 2002 15:48:11 +0200 (CEST)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -
Remote Denial of Service Vulnerability in Oracle9i SQL*NET
------------------------------------------------------------------------
SUMMARY
ISS X-Force has discovered a flaw in the debugging mechanism of Oracle9i.
To exploit this vulnerability, attackers must send a specially crafted
request to an Oracle9i SQL*NET listener. Due to an implementation flaw,
Oracle9i does not handle the request correctly and fails. All Oracle9i
installations are vulnerable to this attack.
DETAILS
Affected Versions:
* Oracle9i 9.0.x
* Oracle9i 9.2
Note: All platforms for the affected versions are vulnerable.
Impact:
A successful attack on a vulnerable server can cause the SQL*NET listener
to fail and crash. Database functionality cannot be restored until the
listener is manually restarted.
Description:
SQL*NET permits client-server and server-server communication across any
network. SQL*NET enables distributed processing of SQL queries as well as
access to SQL databases from SQL-enabled clients.
Oracle9i has a debugging facility that allows database administrators to
collect additional information about the operation of the server.
Debugging features are enabled by default and cannot be disabled. The
Oracle9i SQL*NET listener does not correctly handle certain types of debug
requests that are submitted over the network. If Oracle9i encounters such
a request, it will crash and no longer field SQL requests from authorized
servers or clients.
Recommendations:
Oracle recommends that affected customers evaluate the possibility of
enabling "Valid Node Checking." This feature allows database
administrators to restrict access to the SQL*NET listener to only
authorized clients and servers. While this feature will not block
successful exploitation, it will limit exposure to this vulnerability.
Refer to Oracle Security Alert #38 for more information about this
workaround.
ISS X-Force recommends that all Oracle customers maintain a current patch
level on their Oracle installations. Oracle has released a patch for this
issue and it is available through Oracle's Worldwide Support Services
website at: <http://metalink.oracle.com> http://metalink.oracle.com.
Customers can reference this issue with the bug number 2467947.
ADDITIONAL INFORMATION
Oracle Security Alert #38: <http://metalink.oracle.com>
http://metalink.oracle.com
Internet Security Systems X-Force Database:
<http://www.iss.net/security_center/static/9237.php>
http://www.iss.net/security_center/static/9237.php
The information has been provided by Ben Layer of <mailto:xforce@iss.net>
X-Force.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Previous message: support@securiteam.com: "[NEWS] GoAhead Buffer Overflows (Multiple Slashes, Exploit)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
