Multiple Oracle XDB FTP / HTTP Services Buffer Overflow Vulnerabilities

info
discussion
exploit
solution
references

Multiple Oracle XDB FTP / HTTP Services Buffer Overflow Vulnerabilities

David Litchfield, has illustrated multiple vulnerabilities in the Oracle 9i XML Database (XDB), during a seminar on "Variations in exploit methods between Linux and Windows" presented at the Blackhat conference.

Ultimately exploitation of these issues may provide for remote execution of arbitrary code in the security context of the vulnerable service.