[ISN] Oracle patches high-risk security hole

From: InfoSec News (isnat_private)
Date: Fri Jul 06 2001 - 00:32:18 PDT

  • Next message: InfoSec News: "[ISN] Security specialist succumbs to hackers"

    By: Stephen Shankland
    7/5/01 4:40 PM
    Source: News.com  
    Researchers have found a security hole in Oracle's 8i database program
    that could let an outside attacker take over the software and--in the
    case of a Windows computer--the entire system.  Researchers at Covert
    Labs, part of Network Associates' PGP Security group, discovered the
    vulnerability and ranked its risk as "high." Oracle has acknowledged
    the problem, fixed it in the newest 9i version of its software and
    issued a patch for the earlier releases.
    "This is a pretty significant vulnerability for Oracle users," said
    Jim Magdych, security research manager for PGP Security.
    The problem occurs in a part of Oracle's database software called the
    "listener," which handles communications between people using the
    database and the database itself, Magdych said. The attack works by
    sending more information than the software expects, a process called a
    "buffer overrun."
    In a buffer overrun attack, the extra characters are written into the
    computer's memory. A clever attacker can place commands in just the
    right patch of memory to make the computer's chip run a program that
    can be used to give access to the attacker, Magdych said.
    What the attacker does next varies according to what type of system
    has been compromised. In the case of the Oracle security hole, the
    attacker would have access privileges to the database itself, granting
    him permission to view or change any information in the database.
    Oracle runs with very broad powers on a Windows system, so an attacker
    there would have complete control over the system, Magdych said.
    Oracle has narrower powers running under the Unix operating system,
    but the Oracle permission would be a useful foot in the door for
    further attacks that could lead to complete control, he said.
    Covert Labs has a staff of about six scouring software commonly used
    on the Internet, Magdych said. Earlier this year, the team discovered
    several serious problems with Berkeley Internet Name Domain (BIND),
    widely-used software that links a computer's numerical Internet
    address with its URL.
    ISN is hosted by SecurityFocus.com
    To unsubscribe email isn-unsubscribeat_private

    This archive was generated by hypermail 2b30 : Fri Jul 06 2001 - 01:47:06 PDT