OSVDB ID: 22637

Title: Oracle Database Data Pump Metadata API DBMS_METADATA_INT Multiple Procedure SQL Injection

Info

Disclosure
Jan 17, 2006

Discovery
Unknown

Dates

Exploit
Unknown

Solution
Unknown

Description

 Oracle Database Server contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the DBMS_METADATA_INT package not properly sanitizing user-supplied input to the MAKE_FILTER, FETCH_VIEWS_ERROR, FETCH_FILTERS, FETCH_VIEWS, SET_FILTER_COMMON, DO_FILTER_SCRIPT, SET_TABLE_FILTERS, or MAKE_FILTER_TEXT procedure. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

Classification

 Location: Local Access Required, Remote / Network Access
Attack Type: Information Disclosure, Input Manipulation
Impact: Loss of Confidentiality, Loss of Integrity
Exploit: Exploit Unknown
Disclosure: OSVDB Verified, Vendor Verified
OSVDB: Web Related

Solution

 Currently, there are no known workarounds or upgrades to correct this issue. However, Oracle has released a patch (Jan2006 Critical Patch Update) to address this vulnerability.

Products

Oracle Corporation

Database 10g Release 2

 10.2.0.1

Database 10g Release 1

 10.1.0.3
10.1.0.4
10.1.0.5
10.1.0.4.2

9i Database Release 2

 9.2.0.6
9.2.0.7

8i Database Release 3

 8.1.7.4

9i Database Release 1

 9.0.1.4
9.0.1.5
9.0.1.5 FIPS

8 Database Release 8.0.6

 8.0.6.3

References

Credit

Unknown or Incomplete


Direct URL: http://osvdb.org/22637