mailing list archives
AW: Silently fixed security bugs in Oracle Critical Patch Update July 2005
From: "Kornbrust, Alexander" <ak () red-database-security com>
Date: Fri, 15 Jul 2005 19:37:03 +0200
Hi David and all,
You are right.
Bug 2576249 (DAV_PUBLIC) was discovered by the Litchfield brothers and is already fixed with Alert 52.
Correct me if I'm wrong, but I am not aware that the other bugs (Memory leak, webcache SSL 40bit encryption,
oraaltpassword ...) are already covered by another Oracle security alert.
Von: David Litchfield [mailto:davidl () ngssoftware com]
Gesendet: Freitag, 15. Juli 2005 19:17
An: Kornbrust, Alexander; bugtraq () securityfocus com
Betreff: Re: Silently fixed security bugs in Oracle Critical Patch Update July 2005
Hi Alex and all,
After reading the patch documentation and some tests with the CPU July
2005 I found out that Oracle fixed some security bugs silently without
mention these bugs in their current risk matrix.
Detailed information about most of these bugs are not available via
Metalink but in many cases the description is sufficient for a malicious
(e.g. "/DAV_PUBLIC IS NOT PROTECTED BY DEFAULT ENABLING MALITIOUS USER TO
FILL IT UP")
For Mod_Oradav 18.104.22.168:
2576249 - /DAV_PUBLIC IS NOT PROTECTED BY DEFAULT ENABLING MALITIOUS USER
TO FILL IT UP
2544464 - ORAALTPASSWORD SHOULD BE ENCRYPTED AND NOT JUST OBFUSCATED
I don't think this one was silently fixed - see
- AW: Silently fixed security bugs in Oracle Critical Patch Update July 2005 Kornbrust, Alexander (Jul 15)