Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 DB:ORACLE:SQL-PLUS-LOAD-UIX

Severity

 Low

Recommended

 No

Category

 DB

Keywords

 Oracle ISQL*Plus load.uix Access

Release Date

 2005/03/02

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

DB: Oracle ISQL*Plus load.uix Access


This signature detects access to the load.uix file on an SQL server. This webserver allows read access to any file on the server allowable by the service process. An attacker could obtain sensitive server configuration information such as /etc/passwd or c:\boot.ini.

Extended Description

Reportedly, multiple unspecified Oracle products contain multiple unspecified vulnerabilities. The reported vulnerabilities include SQL-injection issues, buffer-overflow issues, and others. There have also been reports that issues covered in this BID and resolved in the referenced Oracle patch include trigger-abuse issues, character-set-conversion bugs, and denial-of-service vulnerabilities. More information is pending. Note that a number of unsupported versions of affected products may also potentially be vulnerable.

Affected Products

  • Oracle Applications 10.7.0
  • Oracle Applications 11.0.0
  • Oracle Application Server 10g 9.0.4
  • Oracle Application Server 10g 9.0.4 .1
  • Oracle Application Server Web Cache 10g 9.0.4 .0
  • Oracle Collaboration Suite Release 1
  • Oracle Configurator 11.0.0 I
  • Oracle E-Business Suite 10.7.0
  • Oracle E-Business Suite 11.0.0
  • Oracle E-Business Suite 11i 11.1.0
  • Oracle E-Business Suite 11i 11.2.0
  • Oracle E-Business Suite 11i 11.3.0
  • Oracle E-Business Suite 11i 11.4.0
  • Oracle E-Business Suite 11i 11.5.0
  • Oracle E-Business Suite 11i 11.5.1
  • Oracle E-Business Suite 11i 11.5.2
  • Oracle E-Business Suite 11i 11.5.3
  • Oracle E-Business Suite 11i 11.5.4
  • Oracle E-Business Suite 11i 11.5.5
  • Oracle E-Business Suite 11i 11.5.6
  • Oracle E-Business Suite 11i 11.5.7
  • Oracle E-Business Suite 11i 11.5.8
  • Oracle E-Business Suite 11i 11.5.9
  • Oracle E-Business Suite 11i 11.6.0
  • Oracle E-Business Suite 11i 11.7.0
  • Oracle E-Business Suite 11i 11.8.0
  • Oracle Enterprise Manager 9.0.0 I
  • Oracle Enterprise Manager 9.0.1
  • Oracle Enterprise Manager Database Control 10g 10.1.0 .0.2
  • Oracle Enterprise Manager Grid Control 10g 10.1.0 .0.2
  • Oracle Files 9.0.3 .1.0
  • Oracle Files 9.0.3 .2.0
  • Oracle Files 9.0.3 .3.0
  • Oracle Files 9.0.3 .3.6
  • Oracle iStore 11i 11I.IBE.O
  • Oracle Label Security 8.1.7
  • Oracle Label Security 9.0.1
  • Oracle listener 8.0.6
  • Oracle listener 8.1.6
  • Oracle Oracle10g Application Server 10.1.0 .0.2
  • Oracle Oracle10g Application Server 9.0.4 .0
  • Oracle Oracle10g Enterprise Edition 10.1.0 .0.2
  • Oracle Oracle10g Enterprise Edition 9.0.4 .0
  • Oracle Oracle10g Personal Edition 10.1.0 .0.2
  • Oracle Oracle10g Personal Edition 9.0.4 .0
  • Oracle Oracle10g Standard Edition 10.1.0 .0.2
  • Oracle Oracle10g Standard Edition 9.0.4 .0
  • Oracle Oracle8 8.0.1
  • Oracle Oracle8 8.0.2
  • Oracle Oracle8 8.0.3
  • Oracle Oracle8 8.0.4
  • Oracle Oracle8 8.0.5
  • Oracle Oracle8 8.0.5 .1
  • Oracle Oracle8 8.0.6
  • Oracle Oracle8 8.1.5
  • Oracle Oracle8 8.1.6
  • Oracle Oracle8 8.1.7
  • Oracle Oracle8i Enterprise Edition 8.0.5 .0.0
  • Oracle Oracle8i Enterprise Edition 8.0.6 .0.0
  • Oracle Oracle8i Enterprise Edition 8.0.6 .0.1
  • Oracle Oracle8i Enterprise Edition 8.1.5 .0.0
  • Oracle Oracle8i Enterprise Edition 8.1.5 .0.2
  • Oracle Oracle8i Enterprise Edition 8.1.5 .1.0
  • Oracle Oracle8i Enterprise Edition 8.1.6 .0.0
  • Oracle Oracle8i Enterprise Edition 8.1.6 .1.0
  • Oracle Oracle8i Enterprise Edition 8.1.7 .0.0
  • Oracle Oracle8i Enterprise Edition 8.1.7 .1.0
  • Oracle Oracle8i Enterprise Edition 8.1.7.4.0
  • Oracle Oracle8i Standard Edition 8.0.6
  • Oracle Oracle8i Standard Edition 8.0.6 .3
  • Oracle Oracle8i Standard Edition 8.1.5
  • Oracle Oracle8i Standard Edition 8.1.6
  • Oracle Oracle8i Standard Edition 8.1.7
  • Oracle Oracle8i Standard Edition 8.1.7 .0.0
  • Oracle Oracle8i Standard Edition 8.1.7 .1
  • Oracle Oracle8i Standard Edition 8.1.7 .4
  • Oracle Oracle9i Application Server 9.0.2
  • Oracle Oracle9i Application Server 9.0.2 .0.0
  • Oracle Oracle9i Application Server 9.0.2 .0.1
  • Oracle Oracle9i Application Server 9.0.2 .1
  • Oracle Oracle9i Application Server 9.0.2 .2
  • Oracle Oracle9i Application Server 9.0.2 .3
  • Oracle Oracle9i Application Server 9.0.3
  • Oracle Oracle9i Application Server 9.0.3 .1
  • Oracle Oracle9i Application Server
  • Oracle Oracle9i Application Server Portal 9.0.2 .3
  • Oracle Oracle9i Application Server Portal 9.0.2 .3A
  • Oracle Oracle9i Application Server Portal 9.0.2 .3B
  • Oracle Oracle 9i Application Server Release 1 1.0.2 .2
  • Oracle Oracle9i Application Server Reports 9.0.2
  • Oracle Oracle9i Application Server Reports 9.0.2 .1
  • Oracle Oracle9i Application Server Web Cache 9.0.2 .2
  • Oracle Oracle9i Application Server Web Cache 9.0.2 .3
  • Oracle Oracle9i Application Server Web Cache 9.0.3 .1
  • Oracle Oracle9i Client Edition 9.2.0 .0.1
  • Oracle Oracle9i Client Edition 9.2.0 .0.2
  • Oracle Oracle9i Enterprise Edition 8.1.7
  • Oracle Oracle9i Enterprise Edition 9.0.0 .2.4
  • Oracle Oracle9i Enterprise Edition 9.0.1
  • Oracle Oracle9i Enterprise Edition 9.0.1 .4
  • Oracle Oracle9i Enterprise Edition 9.0.1 .5
  • Oracle Oracle9i Enterprise Edition 9.2.0 .0
  • Oracle Oracle9i Enterprise Edition 9.2.0 .0.1
  • Oracle Oracle9i Enterprise Edition 9.2.0 .0.3
  • Oracle Oracle9i Enterprise Edition 9.2.0 .0.5
  • Oracle Oracle9i Enterprise Edition 9.2.0.2
  • Oracle Oracle9i Lite 5.0.0 .0.0.0
  • Oracle Oracle9i Lite 5.0.0 .1.0.0
  • Oracle Oracle9i Lite 5.0.0 .2.0.0
  • Oracle Oracle9i Lite 5.0.0 .2.9.0
  • Oracle Oracle9i Personal Edition 8.1.7
  • Oracle Oracle9i Personal Edition 9.0.0 .2.4
  • Oracle Oracle9i Personal Edition 9.0.1
  • Oracle Oracle9i Personal Edition 9.0.1 .4
  • Oracle Oracle9i Personal Edition 9.0.1 .5
  • Oracle Oracle9i Personal Edition 9.2.0
  • Oracle Oracle9i Personal Edition 9.2.0 .0.1
  • Oracle Oracle9i Personal Edition 9.2.0 .0.2
  • Oracle Oracle9i Personal Edition 9.2.0 .0.3
  • Oracle Oracle9i Personal Edition 9.2.0 .0.5
  • Oracle Oracle9i Standard Edition 8.1.7
  • Oracle Oracle9i Standard Edition 9.0.0
  • Oracle Oracle9i Standard Edition 9.0.0 .2.4
  • Oracle Oracle9i Standard Edition 9.0.1
  • Oracle Oracle9i Standard Edition 9.0.1 .2
  • Oracle Oracle9i Standard Edition 9.0.1 .3
  • Oracle Oracle9i Standard Edition 9.0.1 .4
  • Oracle Oracle9i Standard Edition 9.0.1 .5
  • Oracle Oracle9i Standard Edition 9.0.2
  • Oracle Oracle9i Standard Edition 9.2.0
  • Oracle Oracle9i Standard Edition 9.2.0 .0.1
  • Oracle Oracle9i Standard Edition 9.2.0 .0.2
  • Oracle Oracle9i Standard Edition 9.2.0 .0.3
  • Oracle Oracle9i Standard Edition 9.2.0 .0.5
  • Oracle Oracle9i Standard Edition 9.2.0 .3
  • Oracle Oracle HTTP Server 8.1.7
  • Oracle Oracle HTTP Server 9.0.1
  • Oracle Oracle HTTP Server 9.2.0 .0
  • Sun SunMC 3.5.0 Update 1A
  • Sun SunMC 3.5 Update 1

References

  • BugTraq: 10871
  • CVE: CVE-2004-1368
  • URL: http://www.ngssoftware.com/advisories/oracle23122004E.txt
  • URL: http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out