Oracle: cursor injection

"It was previously thought that an attacker needed high-level privileges on the database to exploit so-called PL SQL injection vulnerabilities. With a new attack technique, that's no longer true, David Litchfield, a database security expert with NGS Software, said on Thursday at the Black Hat DC event here.

"It is a trick that can be used by attackers with minimal privileges to gain complete control of the database server," Litchfield said in an interview. "You can use the trick through a large number of vulnerabilities that were previously thought not to be that significant."

Litchfield, who has had Oracle in his crosshairs for some time, detailed his technique, dubbed "cursor injection," in a paper that was originally published last weekend (PDF) and discussed at the event. Examples of attack code that takes advantage of the tricks have already appeared, Litchfield said. "

Notícia completa

Fonte: ZDNet