Oracle FAQ | Oracle-L mailing list | RE: another security issue with Oracle 9.x
There is also the sqlplus "/ as sysdba" breach as well... make sure you have your password files set up.
-----Original Message-----
From: Jacques Kilchoer
Sent: Thursday, February 14, 2002 3:58 PM
To: Multiple recipients of list ORACLE-L
Subject: another security issue with Oracle 9.x
I hate to seem overly "alarmist", but in addition to the SNMP security issue mentioned already, I have read of this problem discovered by Next Generation Security Software Ltd. in Sutton, England:
http://www.nextgenss.com/advisories/oraplsextproc.txt
<<A large part of Oracle database functionality is provided by PL/SQL packages. PL/SQL, or Procedural Language/Structured Query Language, extends SQL and allows an "executable" package to be created that exports procedures and functions. PL/SQL packages can be extended to call functions exported by operating system libraries or Dynamic Link Libraries. It is possible to create a (PL/SQL) library and PL/SQL package that calls any function in any library on the file system. An attack would probably call system() and pass the name of a program to be executed. It is apparent that to do this a user must be able to connect to the Oracle database server and login with an account that has the CREATE LIBRARY permission before an attack becomes successful. However, NGSSoftware Insight Security Research has discovered a way to fool the Oracle database server into loading arbitrary libraries and executing arbitrary functions without ever having to authenticate.>>
(more details at the link)
Received on Fri Feb 15 2002 - 11:56:24 CST
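The thread raises two things a DBA would want to verify on their own instance: who is able to create PL/SQL libraries that call out to OS code (the precondition the advisory mentions for the authenticated variant), and how SYSDBA logins are controlled (the password-file point in the reply). The following audit queries are an added example and are not part of the original thread or of the NGSSoftware advisory; they assume a DBA-privileged session and use only standard Oracle data-dictionary views (DBA_SYS_PRIVS, DBA_ROLE_PRIVS, DBA_LIBRARIES, V$PARAMETER, V$PWFILE_USERS).

```sql
-- Defender-side audit for the two issues discussed in this thread.
-- Run as a DBA-privileged account. Read-only; nothing is changed.

-- 1. Direct holders of the privilege needed to create an external library.
SELECT grantee, privilege, admin_option
  FROM dba_sys_privs
 WHERE privilege IN ('CREATE LIBRARY', 'CREATE ANY LIBRARY')
 ORDER BY grantee;

-- 2. The same privilege reached through one level of role grants:
--    users (or roles) that hold a role which carries CREATE [ANY] LIBRARY.
SELECT rp.grantee      AS user_or_role,
       sp.grantee      AS via_role,
       sp.privilege
  FROM dba_sys_privs  sp
  JOIN dba_role_privs rp ON rp.granted_role = sp.grantee
 WHERE sp.privilege IN ('CREATE LIBRARY', 'CREATE ANY LIBRARY')
 ORDER BY rp.grantee, sp.grantee;

-- 3. External libraries that already exist and the OS files they reference.
--    Anything outside the Oracle home or owned by a non-SYS schema deserves a look.
SELECT owner, library_name, file_spec, status
  FROM dba_libraries
 ORDER BY owner, library_name;

-- 4. Password-file mode for SYSDBA/SYSOPER connections.
--    EXCLUSIVE or SHARED: a password file is in use for remote privileged logins.
--    NONE: only OS-authenticated connections (e.g. "/ as sysdba") can get SYSDBA.
SELECT name, value
  FROM v$parameter
 WHERE name = 'remote_login_passwordfile';

-- 5. Accounts currently recorded in the password file and their privilege.
SELECT username, sysdba, sysoper
  FROM v$pwfile_users
 ORDER BY username;
```

Two caveats on reading the output. The "/ as sysdba" form authenticates through the operating system (membership in the OS DBA group), so query 4 tells you whether remote password-based SYSDBA logins are possible, while OS group membership still has to be reviewed on the server itself. Likewise, the unauthenticated path the advisory describes goes through the external-procedure service configured in listener.ora, which the data dictionary does not show; that listener entry needs to be reviewed separately, and removed where external procedures are not in use.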