OSVDB ID: 71951

Title: Oracle Multiple Products Oracle Security Service TLS Renegotiation Handshakes MiTM Plaintext Data Injection

Info

Disclosure
Apr 20, 2011

Discovery
Unknown

Dates

Exploit
Unknown

Solution
Apr 20, 2011

Description

 Oracle Database and Fusion Middleware contain a flaw related to the Oracle Security Service component. The component fails to properly associate renegotiation handshakes with an existing connection, allowing a man-in-the-middle attacker to insert data into HTTPS sessions, and possibly other sessions which are protected by TLS or SSL. The issue is triggered when a remote attacker sends an unauthenticated request which is processed retroactively by the server in a post-renegotiation context, related to a plaintext injection attack.

Classification

 Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity, Loss of Availability
Solution: Patch / RCS
Exploit: Exploit Unknown
Disclosure: Vendor Verified

Solution

 Currently, there are no known workarounds or upgrades to correct this issue. However, Oracle has released a patch to address this vulnerability. Check the vendor advisory or solution in the references section.

Products

Oracle Corporation

Database

 10.1.0.5
10.2.0.3
10.2.0.4
10.2.0.5
11.1.0.7
11.2.0.1
11.2.0.2

Application Server

 10.1.2.3
10.1.3.5

Fusion Middleware

 11.1.1.2.0
11.1.1.3.0

Identity Management

10.1.4.0.1
10.1.4.3

References

Credit

Unknown or Incomplete


Direct URL: http://osvdb.org/71951