cnpaf.net - China Protocol Analysis Network (中国协议分析网)


Oracle Database SQL Injection Vulnerability (SYS.KUPV$FT_INT)

Posted: 02-25 07:48
  Vulnerability information

  Oracle is a commercial, feature-rich database.

  The Oracle package SYS.KUPV$FT_INT contains multiple SQL injection flaws; a remote attacker who can open a database session can exploit them to obtain sensitive information.

  The SYS.KUPV$FT_INT package contains 16 SQL injection flaws in the functions UPDATE_JOB, ACTIVE_JOB, ATTACH_POSSIBLE, ATTACH_TO_JOB, CREATE_NEW_JOB, DELETE_JOB, DELETE_MASTER_TABLE, DETACH_JOB, GET_JOB_INFO, GET_JOB_QUEUES, GET_SOLE_JOBNAME, MASTER_TBL_LOCK and VALID_HANDLE. An attacker can use them to inject SQL and so read sensitive data or manipulate the database. Because the package is owned by SYS, SQL injected through its parameters runs with the package owner's privileges rather than the caller's (the definer's-rights default for PL/SQL), which is what makes injection in a SYS package far more serious than the same bug in an ordinary application schema.
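The advisory does not show how the injection happens. The pattern behind this whole class of Oracle bugs, shown here as an added illustration that is not the original advisory's text and is not Oracle's KUPV$FT_INT source, is a definer's-rights package that splices a caller-supplied value into a statement string and runs it with EXECUTE IMMEDIATE. The table DEMO_JOBS, the package DEMO_JOBS_PKG and both function names are hypothetical; the injected input is constructed for the demonstration. The example is general rather than specific to KUPV$FT_INT: it pairs the vulnerable form with the bind-variable form that closes the hole, and ends with the dictionary query an administrator can use to see who is allowed to call the real package.

```sql
-- Added illustration, not Oracle's KUPV$FT_INT code. All object names are
-- hypothetical. Run with SQL*Plus in a scratch database as a privileged user:
-- the package then executes with that user's rights for anyone who can call it,
-- exactly as a SYS-owned definer's-rights package does.

CREATE TABLE demo_jobs (
  job_name VARCHAR2(30),
  owner    VARCHAR2(30),
  state    VARCHAR2(20)
);
INSERT INTO demo_jobs VALUES ('EXPORT_1',   'SCOTT', 'RUNNING');
INSERT INTO demo_jobs VALUES ('SECRET_JOB', 'SYS',   'DEFINED');
COMMIT;

CREATE OR REPLACE PACKAGE demo_jobs_pkg AUTHID DEFINER AS
  FUNCTION get_state_vuln(p_job_name IN VARCHAR2) RETURN VARCHAR2;
  FUNCTION get_state_safe(p_job_name IN VARCHAR2) RETURN VARCHAR2;
END demo_jobs_pkg;
/
CREATE OR REPLACE PACKAGE BODY demo_jobs_pkg AS
  -- Vulnerable: p_job_name becomes part of the statement text, so a caller
  -- who closes the quote can append arbitrary SQL that runs as the definer.
  FUNCTION get_state_vuln(p_job_name IN VARCHAR2) RETURN VARCHAR2 IS
    v_state VARCHAR2(4000);
  BEGIN
    EXECUTE IMMEDIATE
      'SELECT state FROM demo_jobs WHERE job_name = ''' || p_job_name || ''''
      INTO v_state;
    RETURN v_state;
  EXCEPTION
    WHEN NO_DATA_FOUND THEN RETURN NULL;
  END get_state_vuln;
  -- Hardened: the value travels as a bind variable, so it is only ever
  -- compared, never parsed. (When an identifier rather than a value has to be
  -- spliced into the text, validate it with DBMS_ASSERT.SIMPLE_SQL_NAME or
  -- DBMS_ASSERT.ENQUOTE_NAME instead of concatenating it raw.)
  FUNCTION get_state_safe(p_job_name IN VARCHAR2) RETURN VARCHAR2 IS
    v_state VARCHAR2(4000);
  BEGIN
    EXECUTE IMMEDIATE
      'SELECT state FROM demo_jobs WHERE job_name = :job'
      INTO v_state USING p_job_name;
    RETURN v_state;
  EXCEPTION
    WHEN NO_DATA_FOUND THEN RETURN NULL;
  END get_state_safe;
END demo_jobs_pkg;
/
-- A PUBLIC grant is what turns a bug in a privileged package into a flaw
-- reachable from any account.
GRANT EXECUTE ON demo_jobs_pkg TO PUBLIC;

-- Constructed attacker input: close the literal, UNION in a row the caller is
-- not supposed to see, and comment out the trailing quote. The vulnerable
-- function returns 'SYS:SECRET_JOB'; the bound version returns NULL because
-- no job is literally named after the whole injected string.
SELECT demo_jobs_pkg.get_state_vuln(
         q'[X' UNION SELECT owner || ':' || job_name FROM demo_jobs WHERE owner = 'SYS' --]')
       AS injected,
       demo_jobs_pkg.get_state_safe(
         q'[X' UNION SELECT owner || ':' || job_name FROM demo_jobs WHERE owner = 'SYS' --]')
       AS bound
  FROM dual;

-- Check on a real instance: who may execute the package named in the advisory.
-- A row with GRANTEE = 'PUBLIC' means every database account can reach the
-- flawed functions; the fix itself is the Critical Patch Update, not a revoke.
SELECT grantee, privilege
  FROM dba_tab_privs
 WHERE owner = 'SYS' AND table_name = 'KUPV$FT_INT';
```

The last query only tells you who can call the package, not whether the patch is applied; treat a PUBLIC grant on an unpatched instance as reachable by every account, including application users with nothing more than CREATE SESSION.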

  CNCAN ID: CNCAN-2006011818

  Disclosure date: 2006-01-17

  Cause

  Design error

  Affected systems

  The list below reproduces the product list of the Oracle January 2006 Critical Patch Update linked under "Vendor solution"; the package itself is a Data Pump component of the database server, and the reporter's advisory title names Oracle Database 10g Release 1.

  PeopleSoft Enterprise Portal 8.9
  PeopleSoft Enterprise Portal 8.8
  PeopleSoft Enterprise Portal 8.4
  Oracle Workflow 11.5.9.5
  Oracle Workflow 11.5.1
  Oracle9i Standard Edition 9.2.0.7
  Oracle9i Standard Edition 9.2.0.6
  Oracle9i Enterprise Edition 9.0.1.5 FIPS
  Oracle9i Enterprise Edition 9.0.1.5
  Oracle9i Enterprise Edition 9.0.1.4
  Oracle9i Application Server 1.0.2.2
  Oracle8i Standard Edition 8.1.7.4
  Oracle8i Standard Edition 8.0.6.3
  Oracle8i Standard Edition 8.0.6
  Oracle8i Enterprise Edition 8.1.7.4
  Oracle8 8.1.7.4
  Oracle8 8.0.6.3
  Oracle8 8.0.6
  Oracle10g Standard Edition 10.2.0.1
  Oracle10g Standard Edition 10.1.0.5
  Oracle10g Standard Edition 10.1.0.4.2
  Oracle10g Standard Edition 10.1.0.4
  Oracle10g Standard Edition 10.1.0.3
  Oracle10g Personal Edition 10.1.0.4
  Oracle10g Personal Edition 10.1.0.3
  Oracle10g Enterprise Edition 10.1.0.4
  Oracle10g Enterprise Edition 10.1.0.3
  Oracle10g Application Server 10.1.2.1.0
  Oracle10g Application Server 10.1.2.0.2
  Oracle10g Application Server 10.1.2.0.1
  Oracle10g Application Server 10.1.2
  Oracle10g Application Server 9.0.4.2
  Oracle10g Application Server 9.0.4.1
  Oracle 9i Application Server Release 1 1.0.2.2
  Oracle JD Edwards EnterpriseOne 8.95_F1
  Oracle JD Edwards EnterpriseOne SP23_L1
  Oracle Enterprise Manager Grid Control 10g 10.1.0.4
  Oracle Enterprise Manager Grid Control 10g 10.1.0.3
  Oracle E-Business Suite 11i 11.5.10
  Oracle E-Business Suite 11i 11.5.9
  Oracle E-Business Suite 11i 11.5.8
  Oracle E-Business Suite 11i 11.5.7
  Oracle E-Business Suite 11i 11.5.6
  Oracle E-Business Suite 11i 11.5.5
  Oracle E-Business Suite 11i 11.5.4
  Oracle E-Business Suite 11i 11.5.3
  Oracle E-Business Suite 11i 11.5.2
  Oracle E-Business Suite 11i 11.5.1
  Oracle Developer Suite 10.1.2
  Oracle Developer Suite 9.0.4.2
  Oracle Developer Suite 9.0.4.1
  Oracle Developer Suite 9.0.2.1
  Oracle Collaboration Suite Release 2 9.0.4.2
  Oracle Collaboration Suite Release 1 10.1.2
  Oracle Collaboration Suite Release 1 10.1.1
  Oracle Collaboration Suite Release 1
  Oracle Application Server Release 2 10.1.2.0.2
  Oracle Application Server Release 2 10.1.2.0.1
  Oracle Application Server Release 2 10.1.2.0.0
  Oracle Application Server 10g 10.1.2
  Oracle Application Server 10g 9.0.4.2
  Oracle Application Server 10g 9.0.4.1
  Oracle Application Server 10g 9.0.4

  Impact

  A remote attacker can exploit the flaws to obtain sensitive information.

  Attack prerequisites

  The attacker must be able to connect to the Oracle database, that is, hold a database account with execute access to the package.

  Vendor solution

  Oracle's fix is part of the January 2006 Critical Patch Update; see the following link for the advisory and patch details:

  http://www.oracle.com/technology/deploy/security/pdf/cpujan2006.html

  Reported by

  Alexander Kornbrust (ak at red-database-security.com)

  Advisory link

  http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041498.html

  Advisory title

  [Full-disclosure] Oracle Database 10g Rel. 1 - SQL Injection in SYS.KUPV$FT_INT
