Oracle 9G / 10G PL/SQL Injection

Oracle 9G / 10G PL/SQL Injection: Posted Oct 26, 2009; Authored by Sh2kerr | Site dsecrg.com; Oracle Database versions 9G and 10G are susceptible to a PL/SQL injection vulnerability in the ctxsys.drvxtabc.create_tables procedure.; tags | advisory, sql injection; advisories | CVE-2009-1991; SHA-256 | 84daa237dd1a6738c1129e914291f5c78d13ae5fea34ce0cf4c5505af298c54a; Download | Favorite | View

Oracle 9G / 10G PL/SQL Injection



Digital Security Research Group [DSecRG] Advisory       #DSECRG-09-010
http://dsecrg.com/pages/vul/show.php?id=110

Application:                    Oracle Database 10G 
Versions Affected:              Oracle 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4
Vendor URL:                     http://oracle.com
Bugs:                           PL/SQL Injections
Exploits:                       YES
Reported:                       29.01.2008
Vendor response:                31.01.2008 
CVE:                            CVE-2009-1991 
SVSS2:                          3.6               
Date of Public Advisory:        26.10.2009
Authors:                        Alexandr Polyakov
                                Digital Security Research Group [DSecRG] (research [at] dsecrg [dot] com)

Description
***********

Oracle Database 10G and 9g vulnerable to PL/SQL Injection.
PL/SQL Injection found in procedure ctxsys.drvxtabc.create_tables

Details
*******

PL/SQL Injection found in procedure ctxsys.drvxtabc.create_tables 

ctxsys.drvxtabc.create_tables  has 3 parameters 

 idx_owner - varchar2
 idx_name  - varchar2
 idxid - number


idx_owner and idx_name are vulnerable to SQL Injection


*******
Example:


exec ctxsys.drvxtabc.create_tables('SH"."SH2KERR" (X NUMBER)--','yyyyyyyyy',2);


Fix Information
***************


Information was published in CPU October 2009.
All customers can download CPU patches following instructions from: 

http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2009.html 


Credits
*******

Oracle give a credits for Alexander Polyakov from Digital Security Company in CPU October 2009.

http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2009.html 

Current advisory:

http://dsecrg.com/pages/vul/show.php?id=110



About
*****
Digital Security is one of the leading IT security companies in CEMEA, providing information security consulting, audit and penetration testing services, risk analysis and ISMS-related services and certification for ISO/IEC 27001:2005 and PCI DSS standards. Digital Security Research Group focuses on application and database security problems with vulnerability reports, advisories and whitepapers posted regularly on our website.


Contact:        research [at] dsecrg [dot] com
                http://www.dsecrg.com

Top Authors In Last 30 Days

Red Hat 244 files
Ubuntu 65 files
LiquidWorm 24 files
Debian 18 files
indoushka 15 files
Apple 9 files
Google Security Research 7 files
Gentoo 5 files
Chokri Hammedi 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,155)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,819)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,239)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,968)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

Oracle 9G / 10G PL/SQL Injection

Oracle 9G / 10G PL/SQL Injection

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Oracle 9G / 10G PL/SQL Injection

Share This

Oracle 9G / 10G PL/SQL Injection

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems