| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 23 Oct 2006 18:51:42 +0200 From: "Alexander Kornbrust" <ak@...-database-security.com> To: <full-disclosure@...ts.grok.org.uk> Subject: Modify Data via Inline Views Name Modify Data via Inline Views (8107967) [DB09] Systems Affected Oracle 9i - 10g Rel. 2 Severity High Risk Category Unauthorized Access Vendor URL http://www.oracle.com/ Author Alexander Kornbrust (ak at red-database-security.com) Advisory 18 October 2006 (V 1.00) Advisory http://www.red-database-security.com/advisory/oracle_modify_data_via_inline_ views.html Details ####### Updates, deletes and inserts are possible with least-privilege via inline views. A user with create session only can insert/update/delete data (e.g. the dual table). This bug is similar but not identical to the bug which was fixed in the July 2006 CPU (Modify Data via views). No workarounds available. Samples ####### delete from (specially crafted inline view) insert into (specially crafted inline view) update (specially crafted inline view) Patch Information ################# Apply the patches for Oracle CPU October 2006. History ####### 24-jul-2006 Oracle secalert was informed about a variant of the create view bug. 18-oct-2006 Oracle published CPU October 2006 [DB09] 18-oct-2006 Advisory published Additional Information ###################### An analysis of the Oracle CPU Oct 2006 is available here http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists