Check Point Advisories

Oracle Database Server String Conversion Function Buffer Overflow (CVE-2004-1364)

Check Point Reference: CPAI-2004-173
Date Published: 14 Dec 2009
Severity: Critical
Last Updated: Monday 14 December, 2009
Source:
Industry Reference:CVE-2004-1364
Protection Provided by:

Security Gateway
R81, R80, R77, R75
Who is Vulnerable?
Vulnerability Description Oracle's implementation of SQL provides several conversion and transformation functions to help database users work with the various data types. Conversion functions can be executed by all authenticated database users. There exists an input validation vulnerability with Oracle database server. Oracle database server provides a string conversion function that allows for a stack buffer overflow when certain values are converted to a string representation. An authenticated attacker may exploit this issue to execute an arbitrary code with the permissions of the Oracle database process or cause a denial of service. In case of a simple attack against this vulnerability, the Oracle database process will disconnect the attacking client and continue to operate normally as it correctly handles the memory violation exception. No other connections will be affected. In cases where an application uses format strings retrieved from a table or another modifiable storage area, it may be possible for an attacker to inject an overly long format string that would be used by many users, causing a denial of service. In case of a more sophisticated attack, arbitrary code may be executed. In this case the behavior of the target will depend on the nature of the injected code.

Protection Overview

This protection will detect and block attempts to exploit this vulnerability

In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.

Security Gateway R80 / R77 / R75

  1. In the IPS tab, click Protections and find the Oracle Database Server String Conversion Function Buffer Overflow protection using the Search tool and Edit the protection's settings.
  2. Install policy on all Security Gateways.

This protection's log will contain the following information:

Attack Name:  Oracle Protection Violation.
Attack Information:  Oracle Database Server string conversion function buffer overflow

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK