Signature Detail
Short Name |
DB:ORACLE:VULN-VER-10.1.0.1 |
|---|---|
Severity |
Low |
Recommended |
No |
Category |
DB |
Keywords |
Oracle Vulnerable Version 10.1.0.1 |
Release Date |
2004/09/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
DB: Oracle Vulnerable Version 10.1.0.1
This signature detects access to a version of Oracle Database Server that has known root/system level vulnerabilties. Users are strongly encouraged to update the database server software.
Extended Description
Oracle Database Server is prone to an access validation vulnerability that may permit unprivileged users to execute commands as the DBA. This could compromise the database. This issue corresponds to one of the unspecified vulnerabilities mentioned in BID 10871 and addressed by Oracle Alert #68.
Affected Products
- Oracle Oracle8i Enterprise Edition 8.1.7.4.0
- Oracle Oracle8i Standard Edition 8.1.7 .4
- Oracle Oracle9i Enterprise Edition 9.0.0 .2.4
- Oracle Oracle9i Personal Edition 9.0.0 .2.4
- Oracle Oracle9i Standard Edition 9.0.0 .2.4
- Oracle Oracle9i Standard Edition 9.0.1 .3
References
- BugTraq: 11099
- CVE: CVE-2004-0637
- URL: http://otn.oracle.com/deploy/security/pdf/2004alert68.pdf