lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <1C09DF36EB7A3F489633C919E7413501150D30@mapibe09.exchange.xchg> Date: Fri Jul 15 08:01:04 2005 From: ak at red-database-security.com (Kornbrust, Alexander) Subject: Silently fixed security bugs in Oracle Critical Patch Update July 2005 Hello BugTraq-Reader After reading the patch documentation and some tests with the CPU July 2005 I found out that Oracle fixed some security bugs silently without mention these bugs in their current risk matrix. Detailed information about most of these bugs are not available via Metalink but in many cases the description is sufficient for a malicious attacker (e.g. "/DAV_PUBLIC IS NOT PROTECTED BY DEFAULT ENABLING MALITIOUS USER TO FILL IT UP") For OHS 9.0.2.3: 3174425 - OHS CRASHES WITH A SPECIFIC REQUEST 3396862 - MOD_OSSO DOES NOT EXPIRE PARTNER APPLICATION COOKIES For Mod_Oradav 9.0.2.3: 2576249 - /DAV_PUBLIC IS NOT PROTECTED BY DEFAULT ENABLING MALITIOUS USER TO FILL IT UP 2544464 - ORAALTPASSWORD SHOULD BE ENCRYPTED AND NOT JUST OBFUSCATED For Webcache 9.0.2.3 2972458 - WEBCACHE SERVES DOCUMENTS AT 40 BIT ENCRYPTION WHEN 128 SPECIFIED IN OHS For OHS 9.0.3.1: 3164583 - INACTIVITY TIMEOUT CAN BE BYPASSED USING BROWSER BACK BUTTON 2701804 - OHS HANGS: NO BUFFER SPACE AVAILABLE: ACCEPT: (CLIENT SOCKET) 3174425 - OHS CRASHES WITH A SPECIFIC REQUEST For DB 9.0.1.4 or DB 9.0.1.5 3889519 - UPLOAD IN SSL DOES NOT WORK WITH IE AFTER SECALERT 68 OR DB PATCH 9015 DB 9.0.1.5Fips Patch 4 : 4340015 4067484 SSO SERVER XSS CHECK DB 9.0.1.5Fips Patch 2 : 4210722 2605435 : MEMORY LEAK WHEN EXECUTING A QUERY THROUGH TAF CONNECTION This information is available at http://www.red-database-security.com/whitepaper/cpu_july_2005_silently_f ixed_bugs.html Regards Alexander Kornbrust Red-Database-Security GmbH PS: Don't miss the Oracle Security related talks at Black Hat 2005 in Las Vegas. I will show how to circumvent Oracle's database encryption (dbms_crypto/dbms_obfuscation_toolkit) to decrypt sensitive information. All Oracle Security related topics at the Black Hat 2005 USA. http://www.blackhat.com/html/bh-usa-05/bh-usa-05-speakers.html#Cerrudo http://www.blackhat.com/html/bh-usa-05/bh-usa-05-speakers.html#Fayo http://www.blackhat.com/html/bh-usa-05/bh-usa-05-speakers.html#Kornbrust http://www.blackhat.com/html/bh-usa-05/bh-usa-05-speakers.html#Litchfiel d
Powered by blists - more mailing lists