Description: David Litchfield has reported a vulnerability in various Oracle products, which can be exploited by malicious people to bypass certain security restrictions.
The vulnerability is caused by an error in the Oracle PL/SQL Gateway component when validating certain HTTP requests: the check that enforces the PLSQLExclusion list does not recognise every form in which an excluded package or procedure name can be written in a request. This can be exploited to bypass the PLSQLExclusion list and invoke excluded packages and procedures via specially crafted HTTP requests.
Successful exploitation allows an attacker to gain DBA access to the database server through the web server.
The vulnerability has been reported in the PL/SQL Gateway component included in the Oracle Application Server and the Oracle HTTP Server.
Note: The affected component may also be included in other Oracle products.
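The following is an added illustration, not code from the advisory, from Oracle or from NGSSoftware, of the general class of flaw the advisory describes: an exclusion list that is matched against the procedure name as it appears in the raw request, without first canonicalising it, can be sidestepped by writing the same name differently. The exclusion-list format (schema or package prefixes) and the request variants shown (a percent-encoded leading control character, mixed case, double-encoded identifier quoting) are constructed for this example; the specific crafted requests used against the PL/SQL Gateway are not described on this page and the example makes no claim about them.

```python
import re
from urllib.parse import unquote

# Constructed exclusion list in the spirit of PLSQLExclusion: any procedure
# whose canonical name starts with one of these prefixes must be refused.
# (Illustrative format only, not Oracle's exact syntax.)
EXCLUSION_LIST = ["sys.", "dbms_", "utl_", "owa_util."]


def procedure_from_path(path):
    """Return the procedure segment of a gateway-style URL such as
    /pls/<dad>/<schema.package.procedure>; hypothetical URL layout."""
    parts = path.split("/", 3)
    if len(parts) < 4 or parts[1] != "pls":
        raise ValueError("not a PL/SQL gateway style path: %r" % path)
    return parts[3].split("?", 1)[0]


def naive_is_excluded(proc):
    """Weak check: literal, case-sensitive prefix match on the raw segment."""
    return any(proc.startswith(p) for p in EXCLUSION_LIST)


def canonical_procedure(raw):
    """Reduce a procedure name to the form the database would resolve.

    Percent-decoding is repeated until stable so that a double-encoded name
    is not treated as a different string from its single-encoded form."""
    s = raw
    for _ in range(5):                      # bounded: never loop forever
        decoded = unquote(s)
        if decoded == s:
            break
        s = decoded
    s = s.lower()                           # identifiers are case-insensitive
    s = re.sub(r"[\s\x00-\x1f]", "", s)     # drop whitespace/control bytes
    s = s.replace('"', "")                  # "sys".pkg resolves like sys.pkg
    return s


def hardened_is_excluded(raw):
    """Apply the same prefix list, but only after canonicalisation."""
    return naive_is_excluded(canonical_procedure(raw))


def evaluate(path):
    """Return (naive_verdict, hardened_verdict) for one request path."""
    proc = procedure_from_path(path)
    return naive_is_excluded(proc), hardened_is_excluded(proc)


if __name__ == "__main__":
    # Constructed sample requests; the first should be refused by any check,
    # the middle three name the same excluded package in other spellings.
    for p in ["/pls/dad/sys.dbms_example.run",
              "/pls/dad/%0Asys.dbms_example.run",
              "/pls/dad/SYS.dbms_example.run",
              "/pls/dad/%2522sys%2522.dbms_example.run",
              "/pls/dad/appschema.report_pkg.show?id=1"]:
        print(p, evaluate(p))
```

The point of the comparison is that the decision must be taken on the name the database will actually resolve, not on the bytes the web server happened to receive; any transformation the back end applies (decoding, case folding, quote handling) has to be applied by the filter first, or the filter and the back end disagree about what is being called.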
Solution: Apply the patches from the April 2006 Critical Patch Update (see vendor advisory).
Provided and/or discovered by: David Litchfield, NGSSoftware.
Changelog: 2006-01-30: Added link to US-CERT vulnerability note.
2006-01-31: Added CVE reference.
2006-04-19: Updated "Solution" section.