Today Alex Kornbrust of Red Database Security has today released 6 new security advisories for bugs that have been fixed in previous Critical Patch Updates (CPU) but Oracle did not inform Red Database Security that they had been fixed so no advisory was released at the time. The six are as follows:
"Shutdown TNS Listener via Oracle iSQL*Plus" - Alex details how a connect to iSQL*Plus can be used to construct a TNS connect string that includes a STOP command for the listener.
"Shutdown TNS Listener via Oracle Forms Servlet" - Alex demonstrates basically the same issue except that this time the TNS command is sent from Forms
"Plaintext Password Vulnerabilitiy during Installation of Oracle HTMLDB" - Alex points out that the SYS password used to install HTMLDB is logged to a file in plain text
"Cross-Site-Scripting Vulnerabilities in Oracle HTMLDB" - Alex shows how to send a crafted URL that includes SQL that can be executed in the database.
"Cross-Site-Scripting Vulnerability in Oracle iSQL*Plus" - Alex demonstrates a cross site scripting vulnerability that pops up a windows when an SQL statement is executed.
"Cross-Site-Scripting Vulnerability in Oracle XMLDB" - Alex again demonstrates how XMLDB can be used to pop up a window.
All of these 6 bugs are fixed in CPU July 2005.
Blog
Pete Finnigan's Oracle Security Weblog
This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.
[Previous entry: "Researcher lashes out at Oracle's security effort"] [Next entry: "Slight correction to the HTMLDB advisories"]
October 2005
- The Six Dumbest Ideas in Computer Security - 10/01/2005 by 10/01/2005
- Good thread on Oracle brute force password cracking and OUG Scotland - 10/03/2005 by 10/03/2005
- OUG Scotland - 10/05/2005 by 10/05/2005
- Link to David Litchfields original post - 10/06/2005 by 10/06/2005
- Slight correction to the HTMLDB advisories - 10/07/2005 by 10/07/2005
- Some more posts on bugtraq about David Litchfields open letter to Oracle - 10/08/2005 by 10/08/2005
- WebGoat an application to learn how to hack! - 10/10/2005 by 10/10/2005
- Security, SOX and Oracle Incentive Compensation - 10/11/2005 by 10/11/2005
- The Age talks about David Litchfields open letter to Oracle - 10/12/2005 by 10/12/2005
- Prevention and detection better than cure - 10/13/2005 by 10/13/2005
- How to encrypt/decrypt strings with the dbms_obfuscation_toolkit package - 10/14/2005 by 10/14/2005
- comments and how to re-enable them on this blog - 10/16/2005 by 10/16/2005
- CPU October 18th a few comments - 10/18/2005 by 10/18/2005
- Women who know Oracle and security - 10/19/2005 by 10/19/2005
- Easy connect identifier - 10/20/2005 by 10/20/2005
- Researcher: Oracle Patch Set Flawed Again - 10/21/2005 by 10/21/2005
- Exploit circulating for newly patched Oracle bug - It can crash an unpatched database server - 10/22/2005 by 10/22/2005
- Some fight back on Oracle security bugs - old news article - 10/26/2005 by 10/26/2005
- Josh has released a paper about the Oracle password algorithm - 10/27/2005 by 10/27/2005
- Some news stories about the josh oracle password paper - 10/29/2005 by 10/29/2005
- UKOUG tomorrow - 10/30/2005 by 10/30/2005
Archives
Syndication
Powered by gm-rss 2.0.0
