Signature Detail

DB: Oracle Database SYS.LT.FINDRICSET Unsafe Command

This signature detects attempts to exploit a known vulnerability in the Oracle Database SYS.LT.FINDRICSET function. A successful attack can lead to the injection of arbitrary SQL code into the server.

Extended Description

Oracle Workspace Manager is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Successful exploits allow 'PUBLIC' users to gain 'SYS' privileges; other attacks may also be possible. NOTE: This issue was previously documented in BID 26039 (Oracle October 2007 Critical Patch Update Multiple Vulnerabilities) but has been given its own BID because further technical details are now available.

Affected Products

• HP Oracle for OpenView 8.1.7
• HP Oracle for OpenView 9.1.01
• HP Oracle for OpenView 9.2
• HP Oracle for OpenView for Linux LTU
• HP Oracle for OpenView for Linux LTU Service Bureaus
• Oracle Oracle10g Application Server 10.1.2 .0.1
• Oracle Oracle10g Enterprise Edition 10.1.0 .5
• Oracle Oracle10g Enterprise Edition 10.2.0 .2
• Oracle Oracle10g Enterprise Edition 10.2.0 .3
• Oracle Oracle10g Personal Edition 10.1.0.5
• Oracle Oracle10g Personal Edition 10.2.0 .2
• Oracle Oracle10g Personal Edition 10.2.0 .3
• Oracle Oracle10g Standard Edition 10.1.0 .0.5
• Oracle Oracle10g Standard Edition 10.2.0 .2
• Oracle Oracle10g Standard Edition 10.2.0 .3
• Oracle Oracle9i Application Server 9.2.0 .8

References

• BugTraq: 26098
• CVE: CVE-2007-5511
• URL: http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-oracle-workspace-manager/