Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.12047
Kategorie:Gain a shell remotely
Titel:Oracle timezone overflow
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote Oracle Database, according to its version number, is vulnerable
to a buffer overflow in the query SET TIME_ZONE.

An attacker with a database account may use this flaw to gain the control
on the whole database, or even to obtain a shell on this host.

Solution : Upgrade to Oracle 9.2.0.3 - http://metalink.oracle.com
See Also : http://www.nextgenss.com/advisories/ora_time_zone.txt
Risk factor : High

Querverweis: BugTraq ID: 9587
Common Vulnerability Exposure (CVE) ID: CVE-2003-1208
http://www.securityfocus.com/bid/9587
Bugtraq: 20040205 Oracle Database 9ir2 Interval Conversion Functions Buffer Overflow (Google Search)
http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0030.html
CERT/CC vulnerability note: VU#240174
http://www.kb.cert.org/vuls/id/240174
CERT/CC vulnerability note: VU#399806
http://www.kb.cert.org/vuls/id/399806
CERT/CC vulnerability note: VU#819126
http://www.kb.cert.org/vuls/id/819126
CERT/CC vulnerability note: VU#846582
http://www.kb.cert.org/vuls/id/846582
Computer Incident Advisory Center Bulletin: O-093
http://www.ciac.org/ciac/bulletins/o-093.shtml
http://www.nextgenss.com/advisories/ora_from_tz.txt
http://www.nextgenss.com/advisories/ora_numtodsinterval.txt
http://www.nextgenss.com/advisories/ora_numtoyminterval.txt
http://www.nextgenss.com/advisories/ora_time_zone.txt
http://www.osvdb.org/3837
http://www.osvdb.org/3838
http://www.osvdb.org/3839
http://www.osvdb.org/3840
http://secunia.com/advisories/10805
XForce ISS Database: oracle-multiple-function-bo(15060)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15060
CopyrightThis script is (C) 2004 Tenable Network Security

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.