TippingPoint Zero Day Initiative
 

Oracle E-Business Suite Arbitrary Node Deletion Vulnerability

ZDI-07-016: April 17th, 2007

CVE ID

Affected Vendors

Affected Products

    Database Server

TippingPoint™ IPS Customer Protection

TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID 4919. For further product information on the TippingPoint IPS:

Vulnerability Details

This vulnerability allows remote attackers to delete any existing Document Management node on vulnerable installations of Oracle E-Business Suite. Authentication is not required to exploit this vulnerability.

The specific flaw exists in the APPLSYS.FND_DM_NODES package. The procedure to delete nodes does not check for a valid session thereby allowing an attacker to arbitrarily delete any node registered, including the root node.

Vendor Response

Oracle / PeopleSoft has issued an update to correct this vulnerability. More details can be found at:

Disclosure Timeline

    2007-01-29 - Vulnerability reported to vendor
    2007-04-17 - Coordinated public release of advisory

Credit

This vulnerability was discovered by:
    Joxean Koret