Advisory Details

April 17th, 2007

Oracle E-Business Suite Arbitrary Node Deletion Vulnerability

ZDI-07-016
ZDI-CAN-136

CVE ID CVE-2007-2170
CVSS SCORE
AFFECTED VENDORS Oracle / PeopleSoft
AFFECTED PRODUCTS Database Server
TREND MICRO CUSTOMER PROTECTION Trend Micro TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID 4919. For further product information on the TippingPoint IPS: http://www.tippingpoint.com
VULNERABILITY DETAILS

This vulnerability allows remote attackers to delete any existing Document Management node on vulnerable installations of Oracle E-Business Suite. Authentication is not required to exploit this vulnerability.

The specific flaw exists in the APPLSYS.FND_DM_NODES package. The procedure that deletes nodes does not check for a valid session, thereby allowing an attacker to arbitrarily delete any registered node, including the root node.
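The pattern the advisory describes, as an added PL/SQL illustration (not Oracle's code and not the contents of APPLSYS.FND_DM_NODES): a node-deletion procedure that runs the DELETE for any caller, beside a hardened version that first resolves the supplied session to an unexpired session record and refuses to remove the root node. All table, package and helper names below (demo_dm_nodes, demo_sessions, demo_dm_nodes_vuln, demo_dm_nodes_fixed) are hypothetical stand-ins; the closing query against DBA_TAB_PRIVS uses the package name from the advisory.

```sql
-- Hypothetical node table standing in for the Document Management node store.
CREATE TABLE demo_dm_nodes (
  node_id   NUMBER PRIMARY KEY,
  parent_id NUMBER,            -- NULL marks the root node
  name      VARCHAR2(100)
);

-- Hypothetical session store; a real application keeps its own.
CREATE TABLE demo_sessions (
  session_id VARCHAR2(64) PRIMARY KEY,
  user_id    NUMBER NOT NULL,
  expires_at DATE   NOT NULL
);

-- Vulnerable shape: whoever can execute the package can delete any node;
-- nothing ties the call to an authenticated session.
CREATE OR REPLACE PACKAGE demo_dm_nodes_vuln AS
  PROCEDURE delete_node(p_node_id IN NUMBER);
END demo_dm_nodes_vuln;
/
CREATE OR REPLACE PACKAGE BODY demo_dm_nodes_vuln AS
  PROCEDURE delete_node(p_node_id IN NUMBER) IS
  BEGIN
    DELETE FROM demo_dm_nodes WHERE node_id = p_node_id;  -- no session check
  END delete_node;
END demo_dm_nodes_vuln;
/

-- Hardened shape: require a session identifier, verify it resolves to an
-- unexpired session, and never delete the root node through this path.
CREATE OR REPLACE PACKAGE demo_dm_nodes_fixed AS
  PROCEDURE delete_node(p_session_id IN VARCHAR2, p_node_id IN NUMBER);
END demo_dm_nodes_fixed;
/
CREATE OR REPLACE PACKAGE BODY demo_dm_nodes_fixed AS
  -- Returns the user bound to a live session, or NULL when none exists.
  FUNCTION session_user(p_session_id IN VARCHAR2) RETURN NUMBER IS
    l_user_id NUMBER;
  BEGIN
    SELECT user_id INTO l_user_id
      FROM demo_sessions
     WHERE session_id = p_session_id
       AND expires_at > SYSDATE;
    RETURN l_user_id;
  EXCEPTION
    WHEN NO_DATA_FOUND THEN
      RETURN NULL;
  END session_user;

  PROCEDURE delete_node(p_session_id IN VARCHAR2, p_node_id IN NUMBER) IS
    l_user_id NUMBER;
  BEGIN
    l_user_id := session_user(p_session_id);
    IF l_user_id IS NULL THEN
      RAISE_APPLICATION_ERROR(-20001, 'No valid session');
    END IF;
    -- A production implementation would also check that l_user_id is
    -- permitted to modify this particular node; that check is omitted here.
    DELETE FROM demo_dm_nodes
     WHERE node_id = p_node_id
       AND parent_id IS NOT NULL;     -- root node is excluded unconditionally
    IF SQL%ROWCOUNT = 0 THEN
      RAISE_APPLICATION_ERROR(-20002, 'Node not found or not deletable');
    END IF;
  END delete_node;
END demo_dm_nodes_fixed;
/

-- Inventory check a DBA can run after patching: which grantees can execute
-- the real package, and whether PUBLIC is among them.
SELECT grantee, owner, table_name, privilege
  FROM dba_tab_privs
 WHERE table_name = 'FND_DM_NODES'
   AND privilege  = 'EXECUTE';
```

The hardened package moves the session check ahead of the DELETE and fails closed when the session cannot be resolved; excluding the root node by predicate rather than by a separate IF means an unexpected code path cannot reach it either. The DBA_TAB_PRIVS query is a read-only review of who holds EXECUTE on the package, which is the exposure the advisory's "authentication is not required" statement turns on.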

ADDITIONAL DETAILS Oracle / PeopleSoft has issued an update to correct this vulnerability. More details can be found at:
Oracle Critical Patch Update - April 2007
DISCLOSURE TIMELINE
  • 2007-01-29 - Vulnerability reported to vendor
  • 2007-04-17 - Coordinated public release of advisory
CREDIT Joxean Koret