Intrusion Prevention

Oracle.Connect.Username.Buffer.Overflow

Description

This indicates an attack attempt to exploit a buffer overflow vulnerability in the Oracle Database Server executable, Oracle.exe.
Oracle Database Server is a widely deployed relational database server. A buffer overflow vulnerability has been reported in its Oracle.exe binary that may allow a remote attacker to execute arbitrary code on the vulnerable system. The flaw is caused by Oracle.exe failing to boundary-check the username supplied as part of the authentication data. Oracle's own client tools limit the length of the username, but an attacker using a custom client is not bound by that limit and can send an overly long username in the login request, overflowing a fixed-size buffer in the server process. Successful exploitation allows arbitrary code to be executed with the privileges of the Oracle.exe process, leading to compromise of the affected system.
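The bug class described above, as an added illustration in C that is not Oracle's code and does not reproduce the actual Oracle.exe flaw: an authentication field copied into a fixed-size stack buffer without a bounds check, next to a length-checked version that rejects an overlong username before copying. The buffer size, the login_* function names and the constructed 299-byte username are assumptions made for the example.

```c
/* Added illustration of the vulnerable pattern beside a hardened one.
 * Not Oracle's code; USERNAME_MAX and the function names are hypothetical. */
#include <stdio.h>
#include <string.h>

#define USERNAME_MAX 30   /* hypothetical fixed buffer size */

/* Vulnerable pattern: the supplied username is copied without checking
 * that it fits. A username of USERNAME_MAX bytes or more overruns `user`
 * on the stack. Shown only for the pattern; never call it with untrusted
 * input. Returns the stored length for a well-behaved caller. */
int login_unchecked(const char *supplied_user)
{
    char user[USERNAME_MAX];
    strcpy(user, supplied_user);          /* overflow if strlen >= USERNAME_MAX */
    return (int)strlen(user);
}

/* Hardened pattern: check the length against the buffer before copying.
 * Returns -1 when the username is rejected, otherwise the length stored. */
int login_checked(const char *supplied_user, size_t supplied_len)
{
    char user[USERNAME_MAX];
    if (supplied_len >= sizeof user)      /* leave room for the terminating NUL */
        return -1;
    memcpy(user, supplied_user, supplied_len);
    user[supplied_len] = '\0';
    return (int)supplied_len;
}

/* Constructed oversized username (299 x 'A'), standing in for what a
 * custom client could send; no real client limit applies to it. */
const char *oversized_username(void)
{
    static char buf[300];
    memset(buf, 'A', sizeof buf - 1);
    buf[sizeof buf - 1] = '\0';
    return buf;
}

int main(void)
{
    const char *big = oversized_username();

    printf("login_checked(\"scott\")      -> %d\n", login_checked("scott", 5));
    printf("login_checked(299 x 'A')    -> %d\n",
           login_checked(big, strlen(big)));
    /* login_unchecked(big) would smash the stack; deliberately not called. */
    return 0;
}
```

The hardened version compares the supplied length against sizeof the destination before any copy, which is the check the description says the vulnerable binary lacks; the same length limit is what an IPS signature for this attack enforces from the network side.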

Affected Products

Oracle Oracle9i Standard Edition 9.2.0.2
Oracle Oracle9i Standard Edition 9.2.0.1
Oracle Oracle9i Standard Edition 9.0.2
Oracle Oracle9i Standard Edition 9.0.1.3
Oracle Oracle9i Standard Edition 9.0.1.2
Oracle Oracle9i Standard Edition 9.0.1
Oracle Oracle9i Standard Edition 9.0
Oracle Oracle8i Standard Edition 8.1.7.1
Oracle Oracle8i Standard Edition 8.1.7
Oracle Oracle8 8.0.6

Impact

The execution of arbitrary code on the system.
Compromise of the affected system.

Recommended Actions

Apply the patch listed in the following reference (Oracle Security Alert 51):
http://www.oracle.com/technology/deploy/security/pdf/2003alert51.pdf
Until the patch is applied, restrict network access to the database listener port to trusted hosts, since the overflow is reachable by any client that can send a login request.

CVE References

CVE-2003-0095
