Oracle 10g DBMS_EXPORT_EXTENSION SQL Injection Vulnerability
BID: 17699
CVE: CVE-2006-2505
Info
| Bugtraq ID: | 17699 |
| Class: | Input Validation Error |
| CVE: | CVE-2006-2505 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 26 2006 12:00AM |
| Updated: | Feb 05 2007 06:58PM |
| Credit: | Reported by putosoft softputo <[email protected]> and David Litchfield <[email protected]>. |
| Vulnerable: | (see list below) |
| Not Vulnerable: | |

Vulnerable:
- Oracle Oracle10g Standard Edition 10.2 .3
- Oracle Oracle10g Standard Edition 10.2 .2
- Oracle Oracle10g Standard Edition 10.2 .1
- Oracle Oracle10g Standard Edition 10.1 .4.2
- Oracle Oracle10g Standard Edition 10.1 .0.5
- Oracle Oracle10g Standard Edition 10.1 .0.4
- Oracle Oracle10g Standard Edition 10.1 .0.3.1
- Oracle Oracle10g Standard Edition 10.1 .0.3
- Oracle Oracle10g Standard Edition 10.1 .0.2
- Oracle Oracle10g Standard Edition 9.0.4 .0
- Oracle Oracle10g Personal Edition 10.2 .3
- Oracle Oracle10g Personal Edition 10.2 .2
- Oracle Oracle10g Personal Edition 10.2 .1
- Oracle Oracle10g Personal Edition 10.1 .0.4
- Oracle Oracle10g Personal Edition 10.1 .0.3.1
- Oracle Oracle10g Personal Edition 10.1 .0.3
- Oracle Oracle10g Personal Edition 10.1 .0.2
- Oracle Oracle10g Personal Edition 9.0.4 .0
- Oracle Oracle10g Enterprise Edition 10.2 .3
- Oracle Oracle10g Enterprise Edition 10.2 .2
- Oracle Oracle10g Enterprise Edition 10.2 .1
- Oracle Oracle10g Enterprise Edition 10.1 .0.4
- Oracle Oracle10g Enterprise Edition 10.1 .0.3.1
- Oracle Oracle10g Enterprise Edition 10.1 .0.3
- Oracle Oracle10g Enterprise Edition 10.1 .0.2
- Oracle Oracle10g Enterprise Edition 9.0.4 .0
- Oracle Oracle10g Application Server 10.1.3 .0.0
- Oracle Oracle10g Application Server 10.1.2 .1.0
- Oracle Oracle10g Application Server 10.1.2 .0.2
- Oracle Oracle10g Application Server 10.1.2 .0.1
- Oracle Oracle10g Application Server 10.1.2
- Oracle Oracle10g Application Server 10.1 .0.4
- Oracle Oracle10g Application Server 10.1 .0.3.1
- Oracle Oracle10g Application Server 10.1 .0.3
- Oracle Oracle10g Application Server 10.1 .0.2
- Oracle Oracle10g Application Server 9.0.4 .2
- Oracle Oracle10g Application Server 9.0.4 .1
- Oracle Oracle10g Application Server 9.0.4 .0
Discussion
Oracle 10g is prone to an SQL-injection vulnerability in the DBMS_EXPORT_EXTENSION package. An attacker could exploit this to gain DBA privileges.
This vulnerability was initially thought to have been fixed as part of the Oracle April 2006 Security Update (BID 17590), but this issue reportedly was not patched.
Further information indicates that this issue also affects the 'GET_DOMAIN_INDEX_TABLES' and 'GET_V2_DOMAIN_INDEX_TABLES' functions.
Exploit / POC
Exploit code is available:
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
References:
- Oracle Critical Patch Update - July 2006 (Oracle)
- Re: Recent Oracle exploit is _actually_ an 0day with no patch (David Litchfield)
- Recent Oracle exploit is _actually_ an 0day with no patch (David Litchfield)