Researcher finds new way to hack Oracle database
Security researcher David Litchfield has released technical details of a new
type of attack that could give a hacker access to an Oracle database.
Called a lateral SQL injection, the attack could be used to gain database administrator
privileges on an Oracle server in order to change or delete data or even install
software, Litchfield said in an interview on Thursday.
Litchfield first disclosed this type of attack at the Black Hat Washington
conference last February, but on Thursday he published
a paper with technical details.
In a SQL injection, attackers create specially crafted search terms that trick
the database into running SQL commands. Previously, security experts thought
that SQL injections would only work if the attacker was inputting character
strings into the database, but Litchfield has shown that the attack can work
using new types of data, known as date and number data types.
Litchfield's attack targets the Procedural Language/SQL programming language
used by Oracle developers.
A noted database hacker, Litchfield is best known as the researcher who published
details on the bug used in the 2003 SQL Slammer worm, which targeted Microsoft's
SQL Server database.
Litchfield wasn't sure how widespread lateral SQL injection vulnerabilities
are, but he thinks the attack could cause real damage in some scenarios.
"If you happen to be using Oracle and you write your own applications
on it, then yes, you could be writing vulnerable code," he said. "The
sky is not falling ... but it's certainly something that people should be made
aware of."
Database programmers should review their code to be sure it is checking to
make sure that all of the data it is processing is legitimate, and not injected
SQL commands, he said.
Oracle did not return a call seeking comment.
IDG News Service
Symantec Backup Exec 12 and Backup Exec System Recovery 8 deliver industry leading Windows data protection and system recovery. Download this whitepaper to find out the top reasons to upgrade and how to get continuous data protection and complete system recovery.
Data and system loss — from a hard drive failure, malicious attack, natural disaster, or simple human error — can happen anytime. Don’t leave your business vulnerable. Make sure you have a secure recovery strategy in place. Symantec's latest backup and system recovery technology can efficiently restore critical applications, individual emails and documents and even restore your entire system in minutes in the event of a loss.
Businesses face a growing challenge to ensure that the IT environment is properly protected. Backup Exec 12 integrates with other applications in the Symantec family of products, to complement your current data protection strategy, keep your data securely backed up and make it recoverable when you need it most.
Enterprise 2.0 Implementation
By Aaron C. Newman, Jeremy Thomas
Published by McGraw-Hill
Learn more!
Deploying Cisco Wide Area Application Services
By Zach Seils, Joel Christner
Published by Cisco Press
Learn more!
