Signature Detail

DB: Oracle 10g iSQLPlus Service Heap Overflow

This signature detects attempts to exploit a known vulnerability in the iSQLPlus service included with several products from Oracle. Attackers can supply overly long data with several login parameters to crash the iSQLPlus service or (in rare cases) execute arbitrary code on the server.

Extended Description

Oracle Database is reported prone to a buffer overflow vulnerability. Reportedly this issue affects the 'MDSYS.MD2.SDO_CODE_SIZE' procedure. An attacker can supply excessive data to an affected routine resulting in overflowing a destination buffer. This issue can be leveraged to execute arbitrary code and gain 'SYSDBA' privileges. It is conjectured that authentication is required to carry out an attack. This BID will be updated when more information is available.

Affected Products

• Oracle Oracle10g Application Server 10.1.0 .0.2
• Oracle Oracle10g Enterprise Edition 10.1.0 .0.2
• Oracle Oracle10g Personal Edition 10.1.0 .0.2
• Oracle Oracle10g Standard Edition 10.1.0 .0.2

References

• BugTraq: 13145
• CVE: CVE-2004-1774
• URL: http://secunia.com/advisories/12409
• URL: http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf
• URL: http://www.appsecinc.com/resources/alerts/oracle/2004-0001/26.html