Oracle Net Services Link查詢請求緩沖區溢出漏洞

發布時間：2003-05-25

更新時間：2003-05-25

嚴重程度：高

威脅程度：普通用戶訪問權限

錯誤類型：邊界檢查錯誤

利用方式：服務器模式

BUGTRAQ ID：7453

受影響系統

Oracle Oracle7 7.3.3                   
Oracle Oracle7 7.3.4                   
   -RedHat Linux 5.0                   
   -RedHat Linux 5.1                   
   -RedHat Linux 5.2 i386              
   -RedHat Linux 6.0                   
   -RedHat Linux 6.1 i386              
   -Sun Solaris 2.4                    
   -Sun Solaris 2.4 _x86               
   -Sun Solaris 2.5                    
   -Sun Solaris 2.5 _x86               
   -Sun Solaris 2.5.1                  
   -Sun Solaris 2.5.1 _x86             
   -Sun Solaris 2.6                    
   +Sun Solaris 2.6 _x86               
Oracle Oracle8 8.0.1                   
Oracle Oracle8 8.0.2                   
Oracle Oracle8 8.0.3                   
Oracle Oracle8 8.0.4                   
Oracle Oracle8 8.0.4                   
Oracle Oracle8 8.0.5 .1                
Oracle Oracle8 8.0.5                   
Oracle Oracle8 8.0.5                   
   -SGI IRIX 6.5.4                     
Oracle Oracle8 8.0.6                   
Oracle Oracle8 8.0.6                   
Oracle Oracle8 8.1.5                   
   +HP HP-UX 11.0                      
   +HP HP-UX 11.11                     
   +RedHat Linux 6.1 i386              
   +RedHat Linux 6.2 i386              
   +Sun Solaris 7.0                    
   +Sun Solaris 8.0                    
Oracle Oracle8 8.1.6                   
Oracle Oracle8 8.1.7                   
   -Microsoft Windows 2000 Workstation 
Oracle Oracle8i 8.0 x                  
Oracle Oracle8i 8.0.6 .3               
Oracle Oracle8i 8.0.6                  
Oracle Oracle8i 8.1 x                  
Oracle Oracle8i 8.1.5                  
Oracle Oracle8i 8.1.6                  
Oracle Oracle8i 8.1.7 .4               
Oracle Oracle8i 8.1.7 .1               
Oracle Oracle8i 8.1.7                  
Oracle Oracle9i 9.0                    
Oracle Oracle9i 9.0.1 .4               
Oracle Oracle9i 9.0.1 .3               
Oracle Oracle9i 9.0.1 .2               
Oracle Oracle9i 9.0.1                  
Oracle Oracle9i 9.0.2                  
Oracle Oracle9i 9.2 .0.2               
Oracle Oracle9i 9.2 .0.1               
Oracle Oracle9i Release 2 9.2 .2       
Oracle Oracle9i Release 2 9.2 .2       
Oracle Oracle9i Release 2 9.2 .1       
Oracle Oracle9i Release 2 9.2 .1

詳細描述

Oracle Database Server實現上存在緩沖區溢出漏洞，問題在於服務器程序對CREATE DATABASE LINK查詢請求沒有進行充分的邊界檢查，攻擊者通過提交超長的請求會導致破壞堆棧中的數據轉而執行攻擊者指定的任意指令。

解決方案

廠商已經提供了補丁：

Oracle Oracle8i 8.0.6 .3:

Oracle Patch 2760879

http://metalink.Oracle.com/

Oracle Patch 2845564

http://metalink.Oracle.com/

Microsoft Windows NT/2000/XP.

Oracle Oracle8i 8.1.7 .4:

Oracle Patch 2784635

http://metalink.Oracle.com/

Oracle Patch 2899111

http://metalink.Oracle.com/

Microsoft Windows NT/2000/XP.

Oracle Oracle9i 9.0.1 .4:

Oracle Patch 2760944

http://metalink.Oracle.com/

Oracle Oracle9i 9.2 .0.2:

Oracle Patch 2749511

http://metalink.Oracle.com/

相關信息

"NGSSoftware Insight Security Research"

Oracle Database Server Buffer Overflow Vulnerability

http://online.securityfocus.com/archive/1/319914