Up-to-date syndicated information on database & ERP privacy, security, audit and compliance
  • Fun ways to learn SQL injection

    Posted on June 30th, 2009 Team

    50 ways to Inject your SQL

    I see your input’s not validated properly
    You have to check it at all tiers: 1, 2 and 3
    Give me a browser and quite soon you will agree. There must be
    50 ways to inject your SQL

    You see it really is my business to intrude
    The CTO wants to see this web app broke into
    Turn on my proxy and all doubt will be removed. There must be
    50 ways to inject your SQL
    50 ways to inject your SQL

    Try a quick hack, Jack
    Add a new row, Joe
    Try an insert, Kurt
    Change their SQL query

    Evade the regex, Rex
    Encode it all in hex
    Unbalance the quotes, Vinod
    And change the query

    Break the syntax, Max
    Use a backslash, Cash
    Try command shell, Mel,
    And change the query

    Use “one equals one,” son,
    Unhandled exception!
    Read the stack trace, ace
    and change the query

    He said our application is secure against your kind
    There are no simple vulnerabilities to find
    I said your coders write their code like they are blind, there must be
    50 ways to inject your SQL

  • Un-patched Oracle Database Bugs – E-Business Suite Impact

    Posted on July 31st, 2006 Stephen Kost

    There are currently three major un-patched and published Oracle Database security bugs and all three bugs impact the Oracle E-Business Suite.  All Oracle Applications 11i implementations should review the possible impact on their installations to determine the necessary corrective action.  I don't foresee any of these bugs being fixed before the October 2005 Critical Patch Update.

    Here is a quick rundown of the bugs:

    1. The previous fixes for a number of SQL injection bugs in standard Oracle Database packages are flawed and can still be compromised.  This is a particularly critical issue in Oracle Applications due to the APPLSYSPUB account and due to the design of the application.
    2. The View access bypass bug, first inadvertently published by Oracle in April 2006, was not patched in the July 2006 CPU.  This bug can be easily exploited in Oracle Applications.  Any database account with CREATE VIEW system privilege can insert, update, or delete any data where the account has only select permissions.  This bug pretty much blows any data integrity of the application out of the water if you have database accounts with CREATE VIEW privilege.
    3. An integer overflow exists in the Alter Session statement and can be exploited by the APPLSYSPUB account.  However, advanced knowledge is probably required to exploit this issue unless someone publishes a detailed exploit.

    Integrigy has released an in-depth analysis with possible mitigation steps.
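
    To gauge exposure to item 2, the query below inventories every database account that holds the CREATE VIEW system privilege, whether granted directly or inherited through nested roles. It is an added example, not part of the original post or of Integrigy's analysis, and it assumes the session can read the DBA_SYS_PRIVS, DBA_ROLE_PRIVS and DBA_USERS dictionary views.

    ```sql
    -- Added example: accounts holding CREATE VIEW, directly or through roles.
    -- Assumes SELECT access to the DBA_* dictionary views (e.g. a DBA session).
    WITH priv_grantees AS (
        -- Users and roles that were granted CREATE VIEW directly
        SELECT grantee
        FROM   dba_sys_privs
        WHERE  privilege = 'CREATE VIEW'
    ),
    role_chain AS (
        -- Start at each role that holds the privilege and walk outward to
        -- every role or user the role has been granted to, recording the path
        SELECT grantee,
               SYS_CONNECT_BY_PATH(granted_role, ' -> ') AS role_path
        FROM   dba_role_privs
        START WITH granted_role IN (SELECT grantee FROM priv_grantees)
        CONNECT BY PRIOR grantee = granted_role
    )
    -- Accounts with a direct grant
    SELECT u.username,
           u.account_status,
           'direct grant' AS granted_via
    FROM   dba_users u
    JOIN   priv_grantees p ON p.grantee = u.username
    UNION
    -- Accounts that inherit the privilege through one or more roles
    SELECT u.username,
           u.account_status,
           'role path:' || rc.role_path AS granted_via
    FROM   dba_users u
    JOIN   role_chain rc ON rc.grantee = u.username
    ORDER  BY username, granted_via;
    ```

    Each row is an account to review: the `granted_via` column shows whether revoking the privilege means changing a direct grant or a role membership.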