Oracle 9i Release 2 XDB FTP Pass Overflow

Added: 02/25/2009
CVE: CVE-2003-0727
BID: 8375
OSVDB: 2449

Background

Oracle 9i release 2 includes the XDB FTP service which by default listens on port 2100.

Problem

A buffer overflow vulnerability in the parsing of credentials passed to the server allows remote attackers to execute arbitrary commands by sending a long username or password during authentication.

Resolution

The vulnerability is fixed in Oracle 9i version 9.2.0.4. To download and install the relevant patches follow the guide included in http://www.oracle.com/technology/deploy/security/pdf/2003Alert58.pdf.

References

http://otn.oracle.com/deploy/security/pdf/2003Alert58.pdf
http://www.blackhat.com/presentations/bh-usa-03/bh-us-03-litchfield-paper.pdf
http://www.appsecinc.com/resources/alerts/oracle/2003-0005.html

Limitations

Exploit works against version 9.2.0.1

Platforms

Windows Server 2003 SP2 / Windows Server 2003
Windows Server 2003 SP1
Windows Server 2003 SP0,SP1,SP2 DEP-Disabled
Windows 2000

Back to exploit index