Oracle TZ_OFFSET Function Remote Overflow

2003-02-16T00:00:00
ID OSVDB:6321
Type osvdb
Reporter Mark Litchfield(mark@ngssoftware.com)
Modified 2003-02-16T00:00:00

Description

Vulnerability Description

A remote overflow exists in Oracle Database Server. The TZ_OFFSET function fails to perform proper bounds checking resulting in a buffer overflow. By providing an overly long argument to the TZ_OFFSET function, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Oracle has released a patch to address this vulnerability.

Short Description

A remote overflow exists in Oracle Database Server. The TZ_OFFSET function fails to perform proper bounds checking resulting in a buffer overflow. By providing an overly long argument to the TZ_OFFSET function, an attacker can cause arbitrary code execution resulting in a loss of integrity.

References:

Vendor Specific Advisory URL Security Tracker: 1006094 Related OSVDB ID: 6320 Related OSVDB ID: 6322 Other Advisory URL: http://www.nextgenss.com/advisories/ora-tzofstbo.txt Keyword: #NISR16022003c ISS X-Force ID: 11326 CVE-2003-0096 CIAC Advisory: n-046 CERT VU: 743954