Fyi

Patrice Boivin
Systems Analyst (Oracle Certified DBA)

Systems Admin & Operations | Admin. et Exploit. des systèmes
Technology Services        | Services technologiques
Informatics Branch         | Direction de l'informatique 
Maritimes Region, DFO      | Région des Maritimes, MPO

E-Mail: [EMAIL PROTECTED]

-------- Original Message --------
Subject:        [ISN] Oracle patches high-risk security hole
Date:   Fri, 6 Jul 2001 02:32:18 -0500 (CDT)
From:   InfoSec News <[EMAIL PROTECTED]>
To:     [EMAIL PROTECTED]

http://investor.cnet.com/investor/news/newsitem/0-9900-1028-6469566-0.html?tag=ats
By: Stephen Shankland
7/5/01 4:40 PM
Source: News.com  
Researchers have found a security hole in Oracle's 8i database program that
could let an outside attacker take over the software and, in the case of a
Windows computer, the entire system.  Researchers at Covert Labs, part of
Network Associates' PGP Security group, discovered the vulnerability and
ranked its risk as "high." Oracle has acknowledged the problem, fixed it in
the newest 9i version of its software and issued a patch for the earlier
releases.
"This is a pretty significant vulnerability for Oracle users," said Jim
Magdych, security research manager for PGP Security.
The problem occurs in a part of Oracle's database software called the
"listener," which handles communications between people using the database
and the database itself, Magdych said. The attack works by sending more
information than the software expects, a process called a "buffer overrun."
In a buffer overrun attack, the extra characters are written into the
computer's memory. A clever attacker can place commands in just the right
patch of memory to make the computer's chip run a program that can be used
to give access to the attacker, Magdych said.
What the attacker does next varies according to what type of system has been
compromised. In the case of the Oracle security hole, the attacker would
have access privileges to the database itself, granting him permission to
view or change any information in the database.
Oracle runs with very broad powers on a Windows system, so an attacker there
would have complete control over the system, Magdych said.  Oracle has
narrower powers running under the Unix operating system, but the Oracle
permission would be a useful foot in the door for further attacks that could
lead to complete control, he said.
Covert Labs has a staff of about six scouring software commonly used on the
Internet, Magdych said. Earlier this year, the team discovered several
serious problems with Berkeley Internet Name Domain (BIND), widely-used
software that links a computer's numerical Internet address with its URL.
 


ISN is hosted by SecurityFocus.com
---
To unsubscribe email [EMAIL PROTECTED].
--
Please see the official ORACLE-L FAQ: http://www.orafaq.com
--
Author: Boivin, Patrice J
  INET: [EMAIL PROTECTED]

Fat City Network Services    -- (858) 538-5051  FAX: (858) 538-5051
San Diego, California        -- Public Internet access / Mailing Lists
--------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from).  You may
also send the HELP command for other information (like subscribing).
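The article describes the attack only in outline: the listener copies more client data than it has room for, and the excess lands on adjacent memory that the program later trusts. The following C program is an added example, not code from the article, from Covert Labs or from Oracle, and it assumes nothing about the real listener protocol: the one-byte-length wire format, the `struct frame` layout and the `handler_tag` sentinel are constructed for illustration. It puts the unchecked copy beside the bounds-checked one, and shows that the same attacker message overwrites the trusted value through the first parser and is simply rejected by the second.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy "listener" state: a fixed-size field for client data followed by a
 * value the service trusts. This layout is an assumption for the demo,
 * not Oracle's listener or TNS format. */
#define FIELD_MAX 16
#define TAG_OK    0x4f4b4f4bu          /* sentinel meaning "untouched" */

struct frame {
    char     field[FIELD_MAX];          /* where client data belongs */
    uint32_t handler_tag;               /* the adjacent memory an overrun reaches */
};

/* Constructed wire format: one length byte, then `len` data bytes. */

/* Vulnerable parser: believes the client's length byte. The copy is capped at
 * sizeof *f only so the demo stays inside the object; a real overrun would
 * keep going onto whatever follows on the stack. */
int parse_unchecked(struct frame *f, const unsigned char *msg, size_t msglen)
{
    if (msglen < 1) return -1;
    size_t len = msg[0];
    if (msglen < 1 + len) return -1;
    if (len > sizeof *f) len = sizeof *f;          /* demo-only cap */
    memcpy((unsigned char *)f, msg + 1, len);      /* spills past field[] */
    return (int)len;
}

/* Hardened parser: the declared length is checked against the destination,
 * and the field is always NUL-terminated. */
int parse_checked(struct frame *f, const unsigned char *msg, size_t msglen)
{
    if (msglen < 1) return -1;
    size_t len = msg[0];
    if (msglen < 1 + len) return -1;
    if (len >= FIELD_MAX) return -1;               /* reject oversized data */
    memcpy(f->field, msg + 1, len);
    f->field[len] = '\0';
    return (int)len;
}

/* Constructed attack message: FIELD_MAX bytes of filler, then the 4 bytes
 * that land on handler_tag. Returns the message length, 0 if cap too small. */
size_t build_attack(unsigned char *out, size_t cap)
{
    const size_t data = FIELD_MAX + sizeof(uint32_t);
    if (cap < 1 + data) return 0;
    out[0] = (unsigned char)data;
    memset(out + 1, 'A', FIELD_MAX);
    memcpy(out + 1 + FIELD_MAX, "ABCD", 4);        /* attacker-chosen value */
    return 1 + data;
}

/* Run one parser against the attack; return 1 if handler_tag survived. */
int tag_survives(int (*parse)(struct frame *, const unsigned char *, size_t))
{
    struct frame f = { {0}, TAG_OK };
    unsigned char msg[64];
    size_t n = build_attack(msg, sizeof msg);
    parse(&f, msg, n);
    return f.handler_tag == TAG_OK;
}

int main(void)
{
    printf("unchecked parser: handler_tag %s\n",
           tag_survives(parse_unchecked) ? "intact" : "overwritten");
    printf("checked parser:   handler_tag %s\n",
           tag_survives(parse_checked) ? "intact" : "overwritten");
    return 0;
}
```

The fix is the single comparison of the client-supplied length against the size of the destination before the copy; everything else in the hardened parser is the same. The demo caps the unchecked copy at the struct so it runs cleanly, but the interesting property is already visible: the bytes the client chose now sit in a value the program treats as its own.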
