Three Tier Oracle Security in London ~ Paul M. Wright

(nix, oracle, java, www, cloud ) intersect (safety, security, reliability, integrity)

Three Tier Oracle Security in London ~ Paul M. Wright RSS Feed
 

Archive for September, 2008

Bypassing ORA-01997 to Backdoor SYSDBA

Last week we talked about how it has been possible to escalate from DBA to SYSDBA within Oracle and the implication of this due to the higher privileges that SYSDBAs have such as access to the strongest crypto in the DB. Sven has added that “Fine-Grained Access for Network callouts” in 11g can only be [...]

SYSDBA Specific Privileges

I mentioned a while ago about this SYSDBA privilege escalation http://www.pythian.com/blogs/388/exploiting-sysdba-invoker-rights-using-trigger-on-database. There have been some subsequent comments made that SYSDBA is effectively the same as DBA and so what is the difference i.e. DBA to SYSDBA privilege escalation is not a concern. That got me thinking about the differences between DBA and SYSDBA as they [...]

Sentrigo solves DB security problems

Having already experienced the supposed cream of Database security monitoring systems and found out that they do not work very well, I am pleased to say that this is not the case with Sentrigo Hedgehog. Hedgehog consists of an agent that runs on the DB OS separate from the Oracle process and sends the alerts [...]

DBMS_ASSERT bypass solution

DBMS_ASSERT is Oracle’s builtin input validation package and was introduced in 10gR2 and backported via the CPUs to vulnerable 10gR1 packages. This has been documented at http://www.oracle-base.com/articles/10g/dbms_assert_10gR2.php as well as http://www.ngssoftware.com/papers/DBMS_ASSERT.pdf. Unfortunately the package was implemented erroneously in some instances because the input validation could be bypassed by enquoting the input with double quotes. http://www.red-database-security.com/wp/bypass_dbms_assert.pdf. [...]