DB: Oracle Database Server XDB PITRIG_DROPMETADATA Procedure Buffer Overflow

There exists a buffer overflow vulnerability in Oracle Database Server product. The vulnerability exists due to insufficient validation of the arguments supplied to procedure PITRIG_DROPMETADATA in XDB.XDB_PITRIG_PKG package. A remote attacker with valid user credentials may leverage this vulnerability to execute arbitrary code within the security context of the affected service. In case the attack is aiming at a denial of service attack, the vulnerable Oracle database server process will terminate, and the database service will no longer be available until it is restarted. It is also possible that the database data will be corrupted during the database server termination. In case the attacker has successfully injected and executed malicious code on the vulnerable target host, the behaviour of the target system is dependent on the malicious code. Note that any code executed by the attacker runs with the privileges of the Oracle database server process. On Windows systems, the Oracle database server process runs as the System user.

Extended Description

Oracle Database Server is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. An authenticated attacker can exploit this issue to execute arbitrary code within the context of the database account. Failed exploit attempts will result in a denial of service.

Affected Products

Oracle oracle10g_enterprise_edition

References

BugTraq: 26374

CVE: CVE-2007-4517

URL: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=622

Short Name

DB:ORACLE:XDB-DROPMETADATA

Severity

Major

Recommended

False

Recommended Action

Drop

DB: Oracle Database Server XDB PITRIG_DROPMETADATA Procedure Buffer Overflow

Extended Description

Affected Products

References

Found a potential security threat?