Application Security, Inc.

SHATTER Security Alerts

DbProtect AppRadar Filters - 23 March 2007

Oracle Cursor Injection Attack

A new technique for exploiting Oracle SQL injection vulnerabilities was presented at the BlackHat Federal conference in Washington, D.C., in 2007. It uses cursors created specifically for injection into functions, procedures, and other code vulnerable to SQL injection. The technique makes Oracle SQL injection vulnerabilities easier to exploit, because the attacker requires only the CREATE SESSION privilege on the database if the vulnerable function or procedure has public permissions.
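
Because a vulnerable function or procedure with public permissions is reachable from any account holding only CREATE SESSION, an exposure review starts with the PL/SQL units that PUBLIC can execute. The query below is an added example, not part of the original alert or of DbProtect AppRadar; it assumes read access to the DBA_TAB_PRIVS and DBA_PROCEDURES dictionary views, and the owner list is an assumption to adjust for the database being reviewed.

```sql
-- Added example: list definer-rights PL/SQL units that PUBLIC may execute.
-- Definer-rights code (AUTHID DEFINER) runs with its owner's privileges,
-- so a SQL injection flaw in one of these units is reachable by every
-- account that can log in.
SELECT DISTINCT
       p.owner,
       p.object_name,
       p.authid
FROM   dba_tab_privs  tp
       JOIN dba_procedures p
         ON  p.owner       = tp.owner
         AND p.object_name = tp.table_name   -- TABLE_NAME holds the object name
WHERE  tp.grantee   = 'PUBLIC'
AND    tp.privilege = 'EXECUTE'
AND    p.authid     = 'DEFINER'
AND    p.owner IN ('SYS', 'SYSTEM')          -- assumption: extend with local
                                             -- privileged application schemas
ORDER  BY p.owner, p.object_name;
```

Units on this list that do not need to be callable by every user are candidates for revoking EXECUTE from PUBLIC, after testing for dependent applications.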

DbProtect AppRadar, a solution that provides continuous database activity monitoring, helps to manage and reduce this risk throughout the patch management life-cycle. Application Security, Inc. publishes DbProtect AppRadar Filters to specifically monitor for this new exploitation technique.

Downloading and Applying Filters in DbProtect AppRadar

Please adhere to the following instructions to import this file into DbProtect AppRadar:

(1) Import the Oracle Cursor Injection Attack focused monitoring Filters
(2) Add the Filters to the appropriate Policies
(3) Redeploy the Policies to the databases


More detailed instructions can be found here.