xfocus logo xfocus title
welcome documents programs exploits advisories forums
Chinese Version

Oracle8.1.6 DBSNMP Remote execute Vulnerability


Create: 2002-01-16
Author: benjurry (benjurry_at_xfocus.org)

---------------------------------------------------------------------------
Oracle8.1.6 DBSNMP Remote execute Vulnerability
---------------------------------------------------------------------------


Release Date:

2002-01-15

Author:

benjurry(benjurry@xfocus.org)

Homepage:

www.benjurry.org www.xfocus.org

Affected system:


Oracle 8i

Not affected system:

Oracle 9i

Description:

The command "dbsnmp_start"and "dbsnmp_stop" of LSNRCTL should only be run locally ,but if I send these command such as "(CONNECT_DATA=(COMMAND=dbsnmp_start))" by program. when tnslsnr.exe recive it, a memory error will occur, successful use this vulnerability and work with other bug in tnslsnr.exe, we can gain system privilege.


Exploit:

dbsnmp.c

ABOUT XFOCUS
Xfocus is a non-profit and free technology organization which was founded in 1998 in China. We are devoting to research and demonstration of weaknesses related to network services and communication security.

Copyright 2001 http://xfocus.org, All rights reserved.