Bugtraq mailing list archives
AW: Silently fixed security bugs in Oracle Critical Patch Update July 2005
From: "Kornbrust, Alexander" <ak () red-database-security com>
Date: Fri, 15 Jul 2005 19:37:03 +0200
Hi David and all, You are right. Bug 2576249 (DAV_PUBLIC) was discovered by the Litchfield brothers and is already fixed with Alert 52. Correct me if I'm wrong, but I am not aware that the other bugs (Memory leak, webcache SSL 40bit encryption, oraaltpassword ...) are already covered by another Oracle security alert. Cheers Alexander Kornbrust Red-Database-Security GmbH http://www.red-database-security.com -----Ursprüngliche Nachricht----- Von: David Litchfield [mailto:davidl () ngssoftware com] Gesendet: Freitag, 15. Juli 2005 19:17 An: Kornbrust, Alexander; bugtraq () securityfocus com Betreff: Re: Silently fixed security bugs in Oracle Critical Patch Update July 2005 Hi Alex and all,
After reading the patch documentation and some tests with the CPU July 2005 I found out that Oracle fixed some security bugs silently without mention these bugs in their current risk matrix. Detailed information about most of these bugs are not available via Metalink but in many cases the description is sufficient for a malicious attacker (e.g. "/DAV_PUBLIC IS NOT PROTECTED BY DEFAULT ENABLING MALITIOUS USER TO FILL IT UP") For Mod_Oradav 9.0.2.3: 2576249 - /DAV_PUBLIC IS NOT PROTECTED BY DEFAULT ENABLING MALITIOUS USER TO FILL IT UP 2544464 - ORAALTPASSWORD SHOULD BE ENCRYPTED AND NOT JUST OBFUSCATED
I don't think this one was silently fixed - see http://www.securitytracker.com/alerts/2003/Feb/1006098.html Cheers, David Litchfield NGSSoftware Ltd http://www.ngssoftware.com/
Current thread:
- AW: Silently fixed security bugs in Oracle Critical Patch Update July 2005 Kornbrust, Alexander (Jul 15)