Множественные уязвимости в Oracle Database Server

Описание: Несколько уязвимостей обнаружено в Oracle Database Server. Удаленный пользователь может получить контроль над сервером базы данных.

В Июле 2004 года, NGSSoftware сообщил о 34 уязвимостях в Oracle Database Server и Application Server, большинство которых имеют критическую опасность. Эти уязвимости включают переполнения буфера, PL/SQL инъекции, отказ в обслуживании и другие уязвимости. Детали об уязвимостях не были опубликованы. NGSSoftware планирует рассказать о деталях в Декабре 2004 года.

В Августе 2004 года, Application Security, Inc. сообщил о 44 переполнениях буфера в Oracle Database Server. Список уязвимых пакетов и параметров:

#1 - Buffer overflow in public procedure DROP_SITE_INSTANTIATION of DBMS_REPCAT_INSTANTIATE package

#2 - Buffer overflow in public function INSTANTIATE_OFFLINE of DBMS_REPCAT_INSTANTIATE package

#3 - Buffer overflow in public function INSTANTIATE_ONLINE of DBMS_REPCAT_INSTANTIATE package

#4 - Buffer overflow on "gname" parameter on procedures of Replication Management API Packages

#5 - Buffer overflow on "sname" and "oname" parameters on procedures of DBMS_REPCAT package

#6 - Buffer overflow on "type" parameter on procedures of DBMS_REPCAT package

#7 - Buffer overflow on "gowner" parameter on procedures of the DBMS_REPCAT package

#8 - Buffer overflow on "operation" parameter on procedures of DBMS_REPCAT package

#9 - Buffer overflow in procedure CREATE_MVIEW_REPGROUP of DBMS_REPCAT package

#10 - Buffer overflow in procedure GENERATE_REPLICATION_SUPPORT of DBMS_REPCAT package

#11 - Buffer overflow in procedures REGISTER_USER_REPGROUP and UNREGISTER_USER_REPGROUP of DBMS_REPCAT_ADMIN package

#12 - Buffer overflow in functions INSTANTIATE_OFFLINE, INSTANTIATE_ONLINE and procedure DROP_SITE_INSTANTIATION of DBMS_REPCAT_RGT package

#13 - Buffer overflow on TEMPFILE parameter

#14 - Buffer overflow on LOGFILE parameter

#15 - Buffer overflow on CONTROLFILE parameter

#16 - Buffer overflow on FILE parameter

#17 - Buffer overflow in Interval Conversion Functions

#18 - Buffer overflow in String Conversion Function

#19 - Buffer overflow in CTX_OUTPUT Package Function

#21 - Buffer overflow on DATAFILE parameter

#22 - Buffer overflow in DBMS_SYSTEM package function

#24 - Buffer overflow on "fname" parameter of the DBMS_REPCAT* packages

#25 - Buffer overflow on procedures of the Replication Management API packages

#26 - Heap based buffer overflow Vulnerability in Oracle 10g iSQL*PLus Service

#27 - Buffer overflow in procedure AQ_TABLE_DEFN_UPDATE of DBMS_AQ_IMPORT_INTERNAL package

#28 - Buffer overflow in procedure VERIFY_QUEUE_TYPES_GET_NRP of DBMS_AQADM package

#29 - Buffer overflow in procedure VERIFY_QUEUE_TYPES_NO_QUEUE of DBMS_AQADM package

#30 - Buffer overflow in procedure VERIFY_QUEUE_TYPES of DBMS_AQADM_SYS package

#31 - Buffer overflow in procedure PARALLEL_PUSH_RECOVERY of DBMS_DEFER_INTERNAL_SYS package

#32 - Buffer overflow in procedure ENABLE_PROPAGATION_TO_DBLINK of DBMS_DEFER_REPCAT package

#33 - Buffer overflow in procedure DISABLE_RECEIVER_TRACE of DBMS_INTERNAL_REPCAT package

#34 - Buffer overflow in procedure ENABLE_RECEIVER_TRACE of DBMS_INTERNAL_REPCAT package

#35 - Buffer overflow in procedure VALIDATE of DBMS_INTERNAL_REPCAT package

#36 - Buffer overflow in procedure DIFFERENCES of DBMS_RECTIFIER_DIFF package

#37 - Buffer overflow in procedure ADD_COLUMN of DBMS_REPCAT_RQ package

#39 - Buffer overflow in procedure IS_MASTER of DBMS_REPCAT_UTL package

#40 - Buffer overflow in procedure PUSHDEFERREDTXNS of LTUTIL package

#41 - Buffer overflow in public procedure SDO_CODE_SIZE of MD2 package

#42 - Buffer overflow in public procedure VALIDATE_GEOM of MD2 package

#43 - Buffer overflow in public procedure SDO_CODE_SIZE of SDO_ADMIN package

#44 - Buffer overflow in procedure SUBINDEXPOPULATE of DRIDDLR package

URL производителя: http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf

Решение:Установите обновление как описано в MetaLink Document ID 281189.1: www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf