[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Silently fixed security bugs in Oracle Critical Patch Update July 2005

To: <ak@xxxxxxxxxxxxxxxxxxxxxxxxx>, <bugtraq@xxxxxxxxxxxxxxxxx>
Subject: Re: Silently fixed security bugs in Oracle Critical Patch Update July 2005
From: "David Litchfield" <davidl@xxxxxxxxxxxxxxx>
Date: Fri, 15 Jul 2005 18:17:25 +0100

Hi Alex and all,

After reading the patch documentation and some tests with the CPU July 2005 I found out that Oracle fixed some security bugs silently without mention these bugs in their current risk matrix.

Detailed information about most of these bugs are not available via Metalink but in many cases the description is sufficient for a malicious attacker (e.g. "/DAV_PUBLIC IS NOT PROTECTED BY DEFAULT ENABLING MALITIOUS USER TO FILL IT UP")

For Mod_Oradav 9.0.2.3: 2576249 - /DAV_PUBLIC IS NOT PROTECTED BY DEFAULT ENABLING MALITIOUS USER TO FILL IT UP 2544464 - ORAALTPASSWORD SHOULD BE ENCRYPTED AND NOT JUST OBFUSCATED

I don't think this one was silently fixed - see http://www.securitytracker.com/alerts/2003/Feb/1006098.html

Cheers,
David Litchfield
NGSSoftware Ltd
http://www.ngssoftware.com/

References:
- Silently fixed security bugs in Oracle Critical Patch Update July 2005
  - From: ak

Prev by Date: Stack-Based Buffer Overflow in Sybase EAServer 4.2.5 to 5.2
Next by Date: [ GLSA 200507-16 ] dhcpcd: Denial of Service vulnerability
Previous by thread: Silently fixed security bugs in Oracle Critical Patch Update July 2005
Next by thread: Compromising pictures of Microsoft Internet Explorer!
Index(es):
- Date
- Thread