lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20070129195447.24286.qmail@securityfocus.com> Date: 29 Jan 2007 19:54:47 -0000 From: shatter@...secinc.com To: bugtraq@...urityfocus.com Subject: Re: Re: Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL Correction to security advisories published by TeamSHATTER. Unfortunatelly our advisories published last week had a few minor typos regarding the versions affected. Please find corrections to the following advisories: - Oracle Database Buffer overflow vulnerabilities in procedure DBMS_LOGMNR.ADD_LOGFILE (CPU DB04) Affected Versions: 9i http://www.appsecinc.com/resources/alerts/oracle/2007-01.shtml - Oracle Database Buffer overflow vulnerability in procedure DBMS_LOGREP_UTIL.GET_OBJECT_NAME (CPU DB08) Affected Versions: 9iR2 and 10gR1 http://www.appsecinc.com/resources/alerts/oracle/2007-02.shtml - Oracle Database Buffer overflow vulnerabilities in procedure DBMS_REPCAT_UNTRUSTED.UNREGISTER_SNAPSHOT (CPU DB07) Affected Versions: 9i and 10gR1 http://www.appsecinc.com/resources/alerts/oracle/2007-03.shtml - Oracle Database Buffer overflow vulnerabilities in procedures of package DBMS_CAPTURE_ADM_INTERNAL (CPU DB09) Affected Versions: 9iR2 and 10gR1 http://www.appsecinc.com/resources/alerts/oracle/2007-06.shtml The impact of all these vulnerabilities is as described in our advisories. Our thanks to Steven Christey of Mitre for bringing this to our attention. TeamSHATTER