Oracle has released patches for two security holes in its 9i
database that could have allowed an attacker to take over or run
code on affected systems.
The more serious of the two bugs exists in the Net Listener
component of 9i, which "listens" for client requests for use of the
database, according to a security bulletin from UK-based Next
Generation Security Software (NGSSoftware), the company that
originally discovered the flaws.
A buffer overflow problem in Net Listener could let an attacker
overrun the memory assigned to the application, allowing attack
code to be run in the database's security context, NGSSoftware
said.
The hole is exploitable from remote computers and affects all
version 9 releases of Oracle 9i running on Windows and VM,
according to Oracle.
The second vulnerability is also the result of a buffer overflow,
this time in Oracle's 9iAS Reports Server, NGSSoftware said.
If an attacker overruns the buffer in the software, they would be
able to run code in the server's security context, which is often
the local system context on Windows systems, the company said.
The flaw affects Oracle 9iAS Reports Server 1.0, but not 2.0, and
any Oracle product containing Reports Server 6.0.8.18.0 and older,
Oracle said.
Both patches are available to Oracle customers at the company's
Metalink Web site.
Oracle has been running a marketing campaign claiming that its
products were "unbreakable" and could not be hacked.