Oracle 10g DBMS_Scheduler SESSION_USER allows elevated privileges
| oracle10g-gain-privileges (20410) |  High Risk |
Description:
Oracle Database Server could allow a remote attacker to gain elevated privileges caused by a vulnerability in the DBMS_Scheduler SESSION_USER. A remote attacker with CREATE job privileges could switch the session_user to SYS to gain elevated privileges on the system.
Consequences:
Gain Privileges
Remedy:
For Oracle 10g:
Apply the patchset 10.1.0.4, when it becomes available from the Oracle Database Server Patch Sets Web page. See References.
References:
- Oracle Database Documentation Library: Oracle Database ONline Documentation 10g Release 1 (10.1).
- Oracle Database Server Patch Sets Web page: Oracle Database Server Patch Sets.
- Oracle Database Web page: Oracle Database.
- Red Database Security VU#176909: DBMS_SCHEDULER SESSION_USER issue in Oracle 10g.
- BID-13509: Oracle 10g DBMS_Scheduler Privilege Escalation Vulnerability
- CVE-2005-1496: The DBMS_Scheduler in Oracle 10g allows remote attackers with CREATE JOB privileges to gain additional privileges by changing SESSION_USER to the SYS user.
Platforms Affected:
- Oracle Database Server 10.1.0.2
- Oracle Database Server 10.1.0.3
- Oracle Database Server 10.1.0.3.1
Reported:
May 05, 2005
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net