[Previous entry: "On Security, Is Oracle the Next Microsoft?"] [Next entry: "Some testing of orabf (Oracle password cracker) speed by Marcel-Jan"]
A nice fix for the "Overwrite any file via desname in Oracle Reports" bug
September 19th, 2005 by Pete
Post to del.icio.us
Post to Furl
I got an email from Jens-Uwe Peterson of Trivadis GmbH this evening to tell me of a paper written by one of his colleagues Dirk Nachbar who has studied the desname bug in detail and has provided a workable solution for it. His paper is titled "A security hole in Oracle application server (reports) and how to fix it".
This is the bug whereby the desname parameter can be used to overwrite any system file. This is a great paper and well worth reading if you have or run Oracle Reports. Dirk has studied the issue in great detail and has proposed a sound solution using mod_rewrite rules.
