SAINT Corporation, SAINT:B5E7B7C129043AA686398F7A3B3566B7
Nov 23, 2007 - 12:00 a.m.

Oracle XDB component PITRIG_DROPMETADATA buffer overflow

download.saintcorporation.com
9

EPSS: 0.904 (High), Percentile: 98.8%

Added: 11/23/2007
CVE: CVE-2007-4517
BID: 26374
OSVDB: 39918

Background

The PITRIG_DROPMETADATA function is part of the XDB.XDB_PITRIG_PKG package, which is included with Oracle Database.

Problem

A buffer overflow vulnerability in the PITRIG_DROPMETADATA function allows remote, authenticated attackers to execute arbitrary commands by specifying an OWNER and NAME parameter with a long combined length.

Resolution

This vulnerability will be fixed in a future Critical Patch Update from Oracle.

References

<http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=622>

Limitations

Exploit works on Oracle Database 10g Release 2.

Exploit requires the login and password of a database user who has EXECUTE permission on package XDB.XDB_PITRIG_PKG. The default user “scott” has sufficient privilege if that account is enabled.
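
The privilege requirement above can be checked on a given database with an audit query. The following is an added example, not part of the SAINT advisory: it lists every account that holds EXECUTE on XDB.XDB_PITRIG_PKG directly, through a role, or through PUBLIC, together with its account status (so an open SCOTT account shows up). It assumes read access to the DBA_TAB_PRIVS, DBA_ROLE_PRIVS and DBA_USERS dictionary views.

```sql
-- Added example: who can call XDB.XDB_PITRIG_PKG, and is the account usable?
-- Assumption: run by a user who can read the DBA_* dictionary views.
-- Not covered: accounts holding the EXECUTE ANY PROCEDURE system privilege.
WITH pkg_grantees AS (
    -- Direct grants of EXECUTE on the package.
    -- The grantee may be a user, a role, or PUBLIC.
    SELECT grantee
    FROM   dba_tab_privs
    WHERE  owner      = 'XDB'
    AND    table_name = 'XDB_PITRIG_PKG'
    AND    privilege  = 'EXECUTE'
),
role_members AS (
    -- Expand roles: start at each role that was granted the package and
    -- walk down through nested roles to the users that hold them.
    SELECT DISTINCT grantee
    FROM   dba_role_privs
    START WITH granted_role IN (SELECT grantee FROM pkg_grantees)
    CONNECT BY PRIOR grantee = granted_role
)
SELECT u.username,
       u.account_status,          -- e.g. OPEN, LOCKED, EXPIRED & LOCKED
       CASE
           WHEN u.username IN (SELECT grantee FROM pkg_grantees) THEN 'DIRECT'
           WHEN u.username IN (SELECT grantee FROM role_members) THEN 'ROLE'
           ELSE 'PUBLIC'
       END AS granted_via
FROM   dba_users u
WHERE  u.username IN (SELECT grantee FROM pkg_grantees)
   OR  u.username IN (SELECT grantee FROM role_members)
   -- A grant to PUBLIC makes the package reachable by every account.
   OR  EXISTS (SELECT 1 FROM pkg_grantees WHERE grantee = 'PUBLIC')
ORDER  BY u.account_status, u.username;
```

Rows with an OPEN status are the accounts that meet the login and EXECUTE requirement stated above.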

Platforms

Windows
