todaybas.blogg.se

Pl sql developer 11.0.4

WhatsNew=New: Updated for PL/SQL Developer 7.1

By changing the returned file, replacing this line:

WhatsNew=New: allow columns to be included/excluded from export, allow first column (Line No) always include/exclude from export
WhatsNew=New version with Timezone correction and some bugfixes.


WhatsNew=Improved download and Installation of Red Gate products from within Plug-In
WhatsNew=Upgraded to work with PL/SQL Developer 9.0
WhatsNew=Fixed "List index out of bounds" error during document generation

Here’s what a response looks like – it’s an INI-like file; the Download value is the item we care about most here:

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, max-age=0

User-Agent: Mozilla/5.0 (Windows NT 6.3 WOW64 Trident/7.0 rv:11.0) like Gecko


The update file is retrieved from – the request issued by the application looks like this:

GET HTTP/1.1
Accept: text/html, application/xhtml+xml, */*

It is recommended that all users update to the latest version. The vendor reports that this issue has been addressed by enforcing HTTPS on their website, and application changes made in version 11.0.6. The tested version of PL/SQL Developer was 11.0.4, though the issue likely well predates that version. This is a great example of the importance of using HTTPS for all traffic – it’s not just about privacy, it’s also critical for integrity.


This means that a user who believes they are downloading an update can actually be handing full control over to an attacker – this is a case where not bothering to use HTTPS to secure traffic can provide multiple methods for an attacker to gain control of the user’s PC. If a command is inserted, it will be executed in the context of the user.

  • Command Execution: When the user selects the Download option, the value in the file is effectively ShellExecute’d, without any validation – there is no requirement that it be a URL.
  • Redirect to malicious download: As the user is likely unaware that they shouldn’t trust the file downloaded as a result of using the Download option, an attacker could replace the URL and point to a malicious file, or simply leverage their privileged position to provide a malicious file at the legitimate URL.
  • Info: If a URL, it’s executed so that the user’s browser opens to the specified URL; otherwise, the content is displayed in a message box.
  • This is typically an executable (*.exe); as is the case elsewhere, the file is retrieved over HTTP, and no validation is being performed.
  • Download: Executes the URL provided, so that the user’s browser will open and immediately download the file.

    If no URL is provided, the option is not presented to the user.

  • Update: If a URL is provided, the application will download a file (also over HTTP), and apply the update.

    This file is retrieved each time the application starts, and if a version listed in the file is greater than the version installed, the user will be prompted to upgrade (this is the default behavior; otherwise, the user is not prompted until they select Help | Check Online Updates).


    PL/SQL Developer has an update mechanism which retrieves a file containing information about available updates to PL/SQL Developer and other components; this file is retrieved via HTTP, meaning that an attacker in a privileged network position could modify this file. When testing Windows applications, I make it a habit to have Fiddler running, to see if there is any interesting traffic – and in this case, there certainly was.


    While looking into PL/SQL Developer – a very popular tool for working with Oracle databases – to see how it encrypts passwords, I noticed something interesting.
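The missing validation described in the Command Execution item, written out as an added example (not code from the original post or from the vendor): an update client should vet the Download, Update and Info values before handing any of them to the shell. The host `updates.example.com`, the `[Product]` section name and the sample manifests are assumptions constructed for illustration; the check complements fetching the file over HTTPS and does not replace it.

```python
import configparser
from urllib.parse import urlsplit

# Assumption: placeholder host; the real update host is not shown on the page.
ALLOWED_HOSTS = {"updates.example.com"}
# Keys the page says are acted on. A False result means "do not launch";
# an Info value that is not a URL may still be displayed as plain text.
LAUNCH_KEYS = ("Download", "Update", "Info")


def is_safe_url(value):
    """True only for an https URL on an allow-listed host, nothing else."""
    try:
        parts = urlsplit(value.strip())
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return False
    return (parts.scheme == "https"
            and parts.hostname in ALLOWED_HOSTS
            and parts.username is None and parts.password is None
            and port in (None, 443))


def vet_manifest(text):
    """Parse the INI-like update file; return {section: {key: (value, ok)}}."""
    cp = configparser.ConfigParser(strict=False, interpolation=None)
    cp.optionxform = str  # keep key case (Download, not download)
    cp.read_string(text)  # strict=False tolerates the repeated WhatsNew keys
    report = {}
    for section in cp.sections():
        for key in LAUNCH_KEYS:
            if cp.has_option(section, key):
                value = cp.get(section, key)
                report.setdefault(section, {})[key] = (value, is_safe_url(value))
    return report


# Constructed sample manifests (section name and values are made up).
GOOD = """[Product]
Version=11.0.6
Download=https://updates.example.com/setup.exe
WhatsNew=Bug fixes
WhatsNew=More bug fixes
"""
TAMPERED = GOOD.replace("https://updates.example.com/setup.exe", "calc.exe")
DOWNGRADED = GOOD.replace("https://", "http://")

if __name__ == "__main__":
    for name, doc in (("good", GOOD), ("tampered", TAMPERED), ("downgraded", DOWNGRADED)):
        print(name, vet_manifest(doc))
```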











