 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.802523 |
| Kategorie: | Databases |
| Titel: | Oracle Database Server MDSYS.MD Buffer Overflows and DoS Vulnerabilities |
| Zusammenfassung: | Oracle database is prone to a Buffer Overflow and denial of; service (DoS) vulnerabilities. |
| Beschreibung: | Summary: Oracle database is prone to a Buffer Overflow and denial of service (DoS) vulnerabilities. Vulnerability Insight: The flaws are due to an error in 'MDSYS.MD' package that is used in the Oracle spatial component. The package has EXECUTE permissions set to PUBLIC, so any Oracle database user can exploit the vulnerability to execute arbitrary code. Vulnerability Impact: Successful exploitation allows an attacker to execute arbitrary code. It can also be exploited to cause a Denial of Service by crashing the Oracle server process. Affected Software/OS: Oracle Database server versions 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4. Solution: Apply the patch from the referenced advisory. CVSS Score: 8.5 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:C/A:C |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2007-0272 BugTraq ID: 22083 http://www.securityfocus.com/bid/22083 Bugtraq: 20070124 Oracle Multiple Buffer Overflows and DoS attacks in public procedures of MDSYS.MD (Google Search) http://www.securityfocus.com/archive/1/458038/100/0/threaded Bugtraq: 20070718 Oracle Database Buffer overflows and Denial of service vulnerabilities in public procedures of MDSYS.MD (DB12) (Google Search) http://www.securityfocus.com/archive/1/474047/100/0/threaded Cert/CC Advisory: TA07-017A http://www.us-cert.gov/cas/techalerts/TA07-017A.html http://www.appsecinc.com/resources/alerts/oracle/2007-05.shtml http://osvdb.org/32911 http://securitytracker.com/id?1017522 http://secunia.com/advisories/23794 XForce ISS Database: oracle-cpu-jan2007(31541) https://exchange.xforce.ibmcloud.com/vulnerabilities/31541 |
| Copyright | Copyright (C) 2011 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |