###############################################################
RDS_20040903_1 -
Red-Database-Security GmbH Research Advisory
Name SQL Injection via CTXSYS.DRILOAD in Oracle 8i/9i
Systems Affected Oracle 8i / Oracle9i (all platforms)
Severity High Risk
Category SQL Injection
Vendor URL http://www.oracle.com
Author Alexander Kornbrust (ak at red-database-security.com)
Date 3 Sep 2004 (V 1.0)
Advisory number RDS_20040903_1
Description
###########
SQL Injection via CTXSYS.DRILOAD in Oracle 8i/9i.
Details
#######
Any valid database user can become DBA (if CTXSYS is installed) by calling the
package DRILOAD with a specially crafted parameter.
Oracle 10g is NOT affected.
Workarounds
###########
Drop user CTXSYS (if not needed)
or
revoke the PUBLIC grant on CTXSYS.DRILOAD.
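The following SQL*Plus script is an added example, not part of the original advisory: it checks whether the CTXSYS schema is present and whether PUBLIC holds EXECUTE on CTXSYS.DRILOAD, then applies the second workaround (revoking the PUBLIC grant) and verifies the result. It uses only standard Oracle data dictionary views (DBA_USERS, DBA_TAB_PRIVS) and is meant to be run by SYS or another DBA account.

```sql
-- Added example (not from the advisory): defender-side check and workaround
-- for the CTXSYS.DRILOAD exposure. Run as SYS or another DBA in SQL*Plus.

-- 1. Is the CTXSYS schema (Oracle Text) present at all?
SELECT username, account_status
  FROM dba_users
 WHERE username = 'CTXSYS';

-- 2. Does PUBLIC hold EXECUTE on CTXSYS.DRILOAD? Any row returned here means
--    every database account can call the package, which is the exposure
--    described in this advisory.
SELECT grantee, owner, table_name, privilege, grantor
  FROM dba_tab_privs
 WHERE owner      = 'CTXSYS'
   AND table_name = 'DRILOAD'
   AND grantee    = 'PUBLIC';

-- 3. Workaround chosen here: revoke the PUBLIC grant instead of dropping the
--    CTXSYS user, so Oracle Text stays available to accounts that are granted
--    EXECUTE explicitly. Dropping CTXSYS is the alternative when Oracle Text
--    is not needed at all.
REVOKE EXECUTE ON ctxsys.driload FROM PUBLIC;

-- 4. Re-run the check; a count of 0 confirms the PUBLIC grant is gone.
SELECT COUNT(*) AS public_execute_grants
  FROM dba_tab_privs
 WHERE owner      = 'CTXSYS'
   AND table_name = 'DRILOAD'
   AND grantee    = 'PUBLIC';
```

Step 2 doubles as a quick audit query for other databases in the estate: running it against each 8i/9i instance shows which ones still expose the package before the vendor patch from MetaLink Document ID 281189.1 is applied.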
Patch Information
#################
Please see MetaLink Document ID 281189.1 for the patch download procedures and for the
Patch Availability Matrix for this Oracle Security Alert.
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=281189.1
History
########
5 January 2004 Oracle was informed
6 January 2004 Bug confirmed
31 August 2004 Oracle published alert 68
About Red-Database-Security GmbH
#################################
Red-Database-Security GmbH is a specialist in Oracle Security.
