[Previous entry: "Interesting comments about the David Litchfield bug and the Duncan Harris interview"] [Next entry: "Many ways to become a DBA presentation updated"]
Details published about the mod_plsql 0-day bug
January 27th, 2006 by Pete
Post to del.icio.us
Post to Furl
Alex has produced a detailed analysis of the SQL injection bug via mod_plsql on his website. Alex took almost all of the information in his analysis from the mod_plsql log file. It took Alex only a few minutes in modplsql debug mode to work out how to exploit this bug. This is actually very easy to exploit and in fact the biggest clue to how to exploit this is in Davids post to bugtraq. This is an un-fixed bug and quite serious due to it being internet facing. David's suggestions to use mod_rewrite rules are good but as Alex points out this may not work in older versions due to it being legal to use URL's with function names with brackets.
