
List:       bugtraq
Subject:    BBED - Oracle Block Browser and Editor
From:       pete () petefinnigan ! com
Date:       2007-01-31 21:36:10
Message-ID: 20070131213610.24392.qmail () securityfocus ! com

Hi All,

I just posted an entry to my blog about the Oracle BBED tool. It was shipped as a binary on some Windows platforms in the past and as an object file on *Nix platforms that can be built with a shipped make file. I reported this tool as a security risk some years ago to Oracle.

I came across a great paper on how to use the tool this evening and it reminded me of why I thought it was a security risk. A good example would be to change the SYS password hash to a known value and then log in, or to defeat VPD and read protected data, recover deleted data, remove audit trail entries and many more...

This could be done without any database audit trail being created. The paper shows examples of how data can be changed without database authentication (server access is needed). My blog entry is at http://www.petefinnigan.com/weblog/archives/00000999.htm and the paper is at http://orafaq.com/papers/dissassembling_the_data_block.pdf

cheers

Pete Finnigan

