-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
TeamSHATTER Security Advisory
SQL Injection in Oracle Alter FBA Table
February 20, 2013
Risk Level:
High
Affected versions:
Oracle Database Enterprise Edition 11.1, 11.2
Remote exploitable:
Yes
Credits:
This vulnerability was discovered and researched by Martin Rakhmanov of
Application Security Inc.
Details:
Renaming a table having flashback archive using specially crafted table name
triggers internal SQL injection. This allows users to execute code with
elevated privileges.
Impact:
An attacker having control over a flashback-enabled table can get SYSDBA
privileges.
Vendor Status:
Vendor was contacted and a patch was released.
Workaround:
Do not grant flashback archive privilege to untrusted users. Limit access to
flashback-enabled tables to trusted users only.
Fix:
Apply Oracle Critical Patch Update October 2012 available at Oracle Support.
CVE:
CVE-2012-1751
Links:
http://www.oracle.com/
https://www.teamshatter.com/?
Timeline:
Vendor Notification - 1/23/2012
Vendor Response - 1/26/2012
Fix - 16/10/2012
Public Disclosure - 2/20/2013
- --
______________________________
Copyright (c) 2013 Application Security, Inc.
http://www.appsecinc.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (MingW32)
iEYEARECAAYFAlEmJi0ACgkQRx91im
j+YAniPtv6/
=MSFT
-----END PGP SIGNATURE-----
Hash: SHA1
TeamSHATTER Security Advisory
SQL Injection in Oracle Alter FBA Table
February 20, 2013
Risk Level:
High
Affected versions:
Oracle Database Enterprise Edition 11.1, 11.2
Remote exploitable:
Yes
Credits:
This vulnerability was discovered and researched by Martin Rakhmanov of
Application Security Inc.
Details:
Renaming a table having flashback archive using specially crafted table name
triggers internal SQL injection. This allows users to execute code with
elevated privileges.
Impact:
An attacker having control over a flashback-enabled table can get SYSDBA
privileges.
Vendor Status:
Vendor was contacted and a patch was released.
Workaround:
Do not grant flashback archive privilege to untrusted users. Limit access to
flashback-enabled tables to trusted users only.
Fix:
Apply Oracle Critical Patch Update October 2012 available at Oracle Support.
CVE:
CVE-2012-1751
Links:
http://www.oracle.com/
https://www.teamshatter.com/?
Timeline:
Vendor Notification - 1/23/2012
Vendor Response - 1/26/2012
Fix - 16/10/2012
Public Disclosure - 2/20/2013
- --
______________________________
Copyright (c) 2013 Application Security, Inc.
http://www.appsecinc.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (MingW32)
iEYEARECAAYFAlEmJi0ACgkQRx91im
j+YAniPtv6/
=MSFT
-----END PGP SIGNATURE-----
Courtesy: securityfocus.com
No comments:
Post a Comment