Signature Detail

DB: Oracle Login Bypass

This signature detects attempts to exploit a known vulnerability in the Oracle Database Server product. This security bypass vulnerability exists due to insufficient validation of the AUTH_ALTER_SESSION option in the login process. A remote attacker with valid user credentials can use this vulnerability to bypass access controls and execute SQL statements with administrator privileges.

Extended Description

Various Oracle products -- Oracle Database Server, Oracle Enterprise Manager, Oracle Application Server, Oracle Collaboration Suite, Oracle E-Business Suite, PeopleSoft Enterprise Portal, JD Edwards EnterpriseOne Tools, OneWorld Tools, Oracle Developer Suite, and Oracle Workflow -- are prone to multiple vulnerabilities. The issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Oracle has released a Critical Patch Update advisory for January 2006 to address these vulnerabilities. This Critical Patch Update addresses the vulnerabilities for supported releases. Earlier, unsupported releases are likely to be affected by the issues as well.

Affected Products

• Hp oracle_for_openview 8.1.7
• Hp oracle_for_openview 9.1.01
• Hp oracle_for_openview 9.2
• Oracle application_server_10g 10.1.2
• Oracle application_server_10g 9.0.4
• Oracle application_server_10g 9.0.4 .1
• Oracle application_server_10g 9.0.4 .2
• Oracle application_server_release_2 10.1.2 .0.0
• Oracle application_server_release_2 10.1.2 .0.1
• Oracle application_server_release_2 10.1.2 .0.2
• Oracle collaboration_suite_release_1 10.1.1
• Oracle collaboration_suite_release_1 10.1.2
• Oracle collaboration_suite_release_1
• Oracle collaboration_suite_release_2 9.0.4 .2
• Oracle developer_suite 10.1.2
• Oracle developer_suite 9.0.2 .1
• Oracle developer_suite 9.0.4 .1
• Oracle developer_suite 9.0.4 .2
• Oracle e-business_suite_11i 11.5.1
• Oracle e-business_suite_11i 11.5.10
• Oracle e-business_suite_11i 11.5.2
• Oracle e-business_suite_11i 11.5.3
• Oracle e-business_suite_11i 11.5.4
• Oracle e-business_suite_11i 11.5.5
• Oracle e-business_suite_11i 11.5.6
• Oracle e-business_suite_11i 11.5.7
• Oracle e-business_suite_11i 11.5.8
• Oracle e-business_suite_11i 11.5.9
• Oracle enterprise_manager_grid_control_10g 10.1.0 .3
• Oracle enterprise_manager_grid_control_10g 10.1.0 .4
• Oracle jd_edwards_enterpriseone 8.95.0 F1
• Oracle jd_edwards_enterpriseone SP23_L1
• Oracle oracle10g_application_server 10.1.2
• Oracle oracle10g_application_server 10.1.2 .0.1
• Oracle oracle10g_application_server 10.1.2 .0.2
• Oracle oracle10g_application_server 10.1.2 .1.0
• Oracle oracle10g_application_server 9.0.4 .1
• Oracle oracle10g_application_server 9.0.4 .2
• Oracle oracle10g_enterprise_edition 10.1.0 .0.3
• Oracle oracle10g_enterprise_edition 10.1.0 .0.4
• Oracle oracle10g_personal_edition 10.1.0 .0.3
• Oracle oracle10g_personal_edition 10.1.0 .0.4
• Oracle oracle10g_standard_edition 10.1.0 .0.3
• Oracle oracle10g_standard_edition 10.1.0 .0.4
• Oracle oracle10g_standard_edition 10.1.0 .0.5
• Oracle oracle10g_standard_edition 10.1.0 .4.2
• Oracle oracle10g_standard_edition 10.2.0.1
• Oracle oracle8 8.0.6
• Oracle oracle8 8.0.6 .3
• Oracle oracle8 8.1.7 .4
• Oracle oracle8i_enterprise_edition 8.1.7.4.0
• Oracle oracle8i_standard_edition 8.0.6
• Oracle oracle8i_standard_edition 8.0.6 .3
• Oracle oracle8i_standard_edition 8.1.7 .4
• Oracle oracle9i_application_server 1.0.2 .2
• Oracle oracle_9i_application_server_release_1 1.0.2 .2
• Oracle oracle9i_enterprise_edition 9.0.1 .4
• Oracle oracle9i_enterprise_edition 9.0.1 .5
• Oracle oracle9i_enterprise_edition 9.0.1 .5 FIPS
• Oracle oracle9i_standard_edition 9.2.0 .6
• Oracle oracle9i_standard_edition 9.2.0 .7
• Oracle workflow 11.5.1
• Oracle workflow 11.5.9 .5
• Peoplesoft enterprise_portal 8.4.0
• Peoplesoft enterprise_portal 8.8.0
• Peoplesoft enterprise_portal 8.9.0

References

• BugTraq: 16287
• BugTraq: 16287
• CVE: CVE-2006-0283
• URL: http://www.securityfocus.com/archive/1/422253/30/0/threaded
• URL: http://www.oracle.com/technology/deploy/security/pdf/cpujan2006.html