Oracle Advanced Replication组件REPCAT_RPC.VALIDATE_REMOTE_RC()函数权限提升漏洞

BUGTRAQ ID: 35685 CVE ID: CVE-2009-1021 Oracle Database是一款商业性质大型数据库系统。 Oracle数据库Advanced Replication组件中的REPCATRPC.VALIDATEREMOTERC函数执行了可能受控的匿名PL/SQL。该函数取当前登录用户名为第一个参数，第二个参数VALIDATESTRING直接放到了PLSQL的匿名块中并执行： ... ... SQLCURSOR := DBMSSQL.OPENCURSOR; DBMSSQL.PARSESQLCURSOR, 'BEGIN ' || ' :err :=...

Oracle PL/SQL Injection Flaw in REPCAT_RPC.VALIDATE_REMOTE_RC

Hey all, The Oracle REPCATRPC.VALIDATEREMOTERC function executes blocks of anonymous PL/SQL that can be influenced by an attacker to execute arbitrary PL/SQL. As this package is only accessible directly by SYS this flaw would not normally present a risk. However, the REPCATRPC.VALIDATEREMOTERC...