[VulnWatch] [AppSecInc Team SHATTER Security Advisory] Denial of Service in Oracle interMedia

From: Team SHATTER (shatter@private)
Date: Mon Apr 18 2005 - 12:01:42 PDT


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Denial of Service in Oracle interMedia

AppSecInc Team SHATTER Security Advisory
http://www.appsecinc.com/resources/alerts/oracle/2005-01.html
April 18, 2005

Affected versions: Oracle Database Server versions 9i and 10g

Risk level: Medium

Credits: This vulnerability was discovered and researched by Esteban
Martínez Fayó of Argeniss for Application Security Inc.

Details:
Within the Oracle interMedia system, two types (ORDImage and ORDDoc)
have a vulnerability that can cause a Denial of Service condition. When
trying to load a specially constructed file, or when setting specially
constructed data to object's property, a Denial of service can be
triggered making Oracle server process consume 100% CPU usage. The
service needs to be restarted to resume normal operation.

This vulnerability can be exploited remotely by supplying a specially
constructed file to an application that uses the vulnerable objects to
process the file in the database server.

Impact:
By default PUBLIC has execute permission on these objects so any Oracle
database user can exploit this vulnerability. Exploitation of this
vulnerability will allow an attacker to cause a DOS (Denial of service).

Vendor Status:
Vendor was contacted and a patch was released.

Fix:
Apply Oracle Critical Patch Update April 2005 available at
http://metalink.oracle.com

Links:
Application Security, Inc advisory:
http://www.appsecinc.com/resources/alerts/oracle/2005-01.html
Oracle security alert:
http://www.oracle.com/technology/deploy/security/pdf/cpuapr2005.pdf

- --
_____________________________________________
Application Security, Inc.
www.appsecinc.com
AppSecInc is the leading provider of database security solutions for the
enterprise. AppSecInc products proactively secure enterprise
applications at more than 300 organizations around the world by
discovering, assessing, and protecting the database against rapidly
changing security threats. By securing data at its source, we enable
organizations to more confidently extend their business with customers,
partners and suppliers. Our security experts, combined with our strong
support team, deliver up-to-date application safeguards that minimize
risk and eliminate its impact on business.


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (MingW32)

iD8DBQFCZAQW/0w1dSVRt4URAmo6AJ9yKUAN3zd5bqhPwUmlLqljTPxrFgCgpleQ
QUm/LCcdiyGz+VgCs+dqJfY=
=ao/r
-----END PGP SIGNATURE-----



This archive was generated by hypermail 2.1.3 : Mon Apr 18 2005 - 15:54:22 PDT