I saw a post on the bugtraq mailing list that details an exploit to cause an ORA-600 using an ALTER SESSION SET EVENTS command. The hack is detailed in a post titled "Oracle 10g R2 and, probably, all previous versions". The poster shows an ALTER SESSION SET EVENTS command with a very long event string that causes an ORA-600. He says that this is not a crash and indeed its not really an exploit but he hints that its possible to create an integer overflow with other "combinations". I guess he means that a different length string will cause an overflow? - There is a reply to the post where a poster found that he could not replicate the bug but that is because the original poster replies on having the ALTER SESSION privilege.
Blog
Pete Finnigan's Oracle Security Weblog
This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.
[Previous entry: "SQL Injection video"] [Next entry: "An interesting thread on Alex's DBMS_ASSERT paper"]
July 2006
- Great SQL injection paper - 07/02/2006 by 07/02/2006
- Nice post by Eddie about undocumented pragmas - 07/03/2006 by 07/03/2006
- More on SYSDBA caching - 07/05/2006 by 07/05/2006
- Nice three part article on FGA - 07/07/2006 by 07/07/2006
- Mary Ann speaks - on security testing rules - 07/10/2006 by 07/10/2006
- oh the irony... - 07/14/2006 by 07/14/2006
- Alex has an analysis of CPU July 2006 and also advisories - 07/18/2006 by 07/18/2006
- Oracle's summer update fixes 65 flaws - 07/19/2006 by 07/19/2006
- Blackhat Las Vegas 2006 and unwrapping PL/SQL - 07/24/2006 by 07/24/2006
- Oracle Password Repository - 07/26/2006 by 07/26/2006
- SQL Injection video - 07/27/2006 by 07/27/2006
- An interesting thread on Alex's DBMS_ASSERT paper - 07/28/2006 by 07/28/2006
Archives
Syndication
Powered by gm-rss 2.0.0
