List: bugtraq
Subject: Oracle 10g DBMS_SCHEDULER SESSION_USER issue
From: Alexander Kornbrust <ak () red-database-security ! com>
Date: 2005-05-05 11:00:06
Message-ID: 20050505110006.25926.qmail () www ! securityfocus ! com
Red-Database-Security GmbH Oracle Security Advisory
Name              Oracle 10g DBMS_SCHEDULER SESSION_USER issue
Systems Affected  Oracle Database 10g
Severity          Medium Risk
Category          Switch SESSION_USER to SYS
Vendor URL        http://www.oracle.com
Author            Alexander Kornbrust (ak at red-database-security.com)
Date              03 May 2005 (V 1.00)
Description
###########
Every user with CREATE JOB privilege can switch the SESSION_USER to SYS by
executing a database job via dbms_scheduler. This could cause problems with
VPD (virtual private database) or OLS (Oracle label security) and could allow
privilege escalation.
This issue is not related to the Oracle Critical Patch Update 2005.
More details including testcase available:
##########################################
http://www.red-database-security.com/exploits/oracle_exploit_dbms_scheduler_select_user.html
Patch Information
#################
This information has been public for months, but Oracle never released a
security alert for this issue. Applying patchset 10.1.0.4 fixes this issue.
History:
########
07 October 2004 Published at the Oracle Enterprise Server Forum in Metalink
About Red-Database-Security GmbH
#################################
Red-Database-Security GmbH is a specialist in Oracle Security.
http://www.red-database-security.com
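
An exposure check for the issue described above, added here as an example; it is not part of the advisory or of Red-Database-Security's test case. It assumes a session that can read V$VERSION and the standard DBA_* dictionary views, and it also lists CREATE ANY JOB holders, which goes beyond the privilege the advisory names.

```sql
-- 1. Installed release. The advisory states that patchset 10.1.0.4 fixes the issue.
SELECT banner FROM v$version;

-- 2. Accounts that hold CREATE JOB directly, via PUBLIC, or through nested roles.
--    CREATE ANY JOB is included as an addition to the advisory's scope.
SELECT DISTINCT holder, privilege, granted_via
FROM (
       -- Direct grants to users, plus grants to PUBLIC (which reach every user)
       SELECT p.grantee AS holder, p.privilege, 'direct' AS granted_via
       FROM   dba_sys_privs p
       WHERE  p.privilege IN ('CREATE JOB', 'CREATE ANY JOB')
       AND    (p.grantee = 'PUBLIC'
               OR p.grantee IN (SELECT username FROM dba_users))
       UNION ALL
       -- Grants inherited through one or more levels of role nesting
       SELECT r.holder, p.privilege, p.grantee AS granted_via
       FROM   (SELECT CONNECT_BY_ROOT grantee AS holder, granted_role
               FROM   dba_role_privs
               CONNECT BY PRIOR granted_role = grantee) r
       JOIN   dba_sys_privs p ON p.grantee = r.granted_role
       WHERE  p.privilege IN ('CREATE JOB', 'CREATE ANY JOB')
       AND    (r.holder = 'PUBLIC'
               OR r.holder IN (SELECT username FROM dba_users))
     )
ORDER BY holder, privilege;

-- 3. Scheduler jobs owned by non-administrative accounts, for manual review
--    on databases that have not yet received the patchset.
SELECT owner, job_name, job_type, enabled, state, job_action
FROM   dba_scheduler_jobs
WHERE  owner NOT IN ('SYS', 'SYSTEM')
ORDER BY owner, job_name;
```

Any account returned by the second query that does not need to schedule jobs is a candidate for REVOKE CREATE JOB until the patchset is applied.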