Summary
| Detail | |||
|---|---|---|---|
| Vendor | Oracle | First view | 2002-07-03 |
| Product | oracle9i | Last view | 2005-05-11 |
| Version | 9.0.1 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:oracle:oracle9i | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.5 | 2005-05-11 | CVE-2005-1495 | Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the SYS user executes a SELECT statement on an FGA object, which makes it easier for attackers to escape detection. |
| 6.5 | 2004-12-23 | CVE-2004-1339 | SQL injection vulnerability in the (1) MDSYS.SDO_GEOM_TRIG_INS1 and (2) MDSYS.SDO_LRS_TRIG_INS default triggers in Oracle 9i and 10g allows remote attackers to execute arbitrary SQL commands via the new.table_name or new.column_name parameters. |
| 6.5 | 2004-12-23 | CVE-2004-1338 | The triggers in Oracle 9i and 10g allow local users to gain privileges by using a sequence of partially privileged actions: using CCBKAPPLROWTRIG or EXEC_CBK_FN_DML to add arbitrary functions to the SDO_CMT_DBK_FN_TABLE and SDO_CMT_CBK_DML_TABLE, then performing a DELETE on the SDO_TXN_IDX_INSERTS table, which causes the SDO_CMT_CBK_TRIG trigger to execute the user-supplied functions. |
| 9 | 2003-05-12 | CVE-2003-0222 | Stack-based buffer overflow in Oracle Net Services for Oracle Database Server 9i release 2 and earlier allows attackers to execute arbitrary code via a "CREATE DATABASE LINK" query containing a connect string with a long USING parameter. |
| 9 | 2003-03-03 | CVE-2003-0096 | Multiple buffer overflows in Oracle 9i Database release 2, Release 1, 8i, 8.1.7, and 8.0.6 allow remote attackers to execute arbitrary code via (1) a long conversion string argument to the TO_TIMESTAMP_TZ function, (2) a long time zone argument to the TZ_OFFSET function, or (3) a long DIRECTORY parameter to the BFILENAME function. |
| 10 | 2003-03-03 | CVE-2003-0095 | Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6 allows remote attackers to execute arbitrary code via a long username that is provided during login, as exploitable through client applications that perform their own authentication, as demonstrated using LOADPSP. |
| 7.5 | 2002-11-12 | CVE-2002-1264 | Buffer overflow in Oracle iSQL*Plus web application of the Oracle 9 database server allows remote attackers to execute arbitrary code via a long USERID parameter in the isqlplus URL. |
| 5 | 2002-10-28 | CVE-2002-1118 | TNS Listener in Oracle Net Services for Oracle 9i 9.2.x and 9.0.x, and Oracle 8i 8.1.x, allows remote attackers to cause a denial of service (hang or crash) via a SERVICE_CURLOAD command. |
| 6.8 | 2002-10-11 | CVE-2002-0840 | Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different vulnerability than CAN-2002-1157. |
| 7.5 | 2002-10-04 | CVE-2002-0965 | Buffer overflow in TNS Listener for Oracle 9i Database Server on Windows systems, and Oracle 8 on VM, allows local users to execute arbitrary code via a long SERVICE_NAME parameter, which is not properly handled when writing an error message to a log file. |
| 5 | 2002-09-05 | CVE-2002-0856 | SQL*NET listener for Oracle Net Oracle9i 9.0.x and 9.2 allows remote attackers to cause a denial of service (crash) via certain debug requests that are not properly handled by the debugging feature. |
| 5 | 2002-08-12 | CVE-2002-0509 | Transparent Network Substrate (TNS) Listener in Oracle 9i 9.0.1.1 allows remote attackers to cause a denial of service (CPU consumption) via a single malformed TCP packet to port 1521. |
| 7.5 | 2002-07-03 | CVE-2002-0571 | Oracle Oracle9i database server 9.0.1.x allows local users to access restricted data via a SQL query using ANSI outer join syntax. |
| 2.1 | 2002-07-03 | CVE-2002-0568 | Oracle 9i Application Server stores XSQL and SOAP configuration files insecurely, which allows local users to obtain sensitive information including usernames and passwords by requesting (1) XSQLConfig.xml or (2) soapConfig.xml through a virtual directory. |
| 7.5 | 2002-07-03 | CVE-2002-0567 | Oracle 8i and 9i with PL/SQL package for External Procedures (EXTPROC) allows remote attackers to bypass authentication and execute arbitrary functions by using the TNS Listener to directly connect to the EXTPROC process. |
| 5 | 2002-07-03 | CVE-2002-0566 | PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to cause a denial of service (crash) via an HTTP Authorization header without an authentication type. |
| 5 | 2002-07-03 | CVE-2002-0565 | Oracle 9iAS 1.0.2.x compiles JSP files in the _pages directory with world-readable permissions under the web root, which allows remote attackers to obtain sensitive information derived from the JSP code, including usernames and passwords, via a direct HTTP request to _pages. |
| 7.5 | 2002-07-03 | CVE-2002-0564 | PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to bypass authentication for a Database Access Descriptor (DAD) by modifying the URL to reference an alternate DAD that already has valid credentials. |
| 5 | 2002-07-03 | CVE-2002-0563 | The default configuration of Oracle 9i Application Server 1.0.2.x allows remote anonymous users to access sensitive services without authentication, including Dynamic Monitoring Services (1) dms0, (2) dms/DMSDump, (3) servlet/DMSDump, (4) servlet/Spy, (5) soap/servlet/Spy, and (6) dms/AggreSpy; and Oracle Java Process Manager (7) oprocmgr-status and (8) oprocmgr-service, which can be used to control Java processes. |
| 5 | 2002-07-03 | CVE-2002-0562 | The default configuration of Oracle 9i Application Server 1.0.2.x running Oracle JSP or SQLJSP stores globals.jsa under the web root, which allows remote attackers to gain sensitive information including usernames and passwords via a direct HTTP request to globals.jsa. |
| 7.5 | 2002-07-03 | CVE-2002-0561 | The default configuration of the PL/SQL Gateway web administration interface in Oracle 9i Application Server 1.0.2.x uses null authentication, which allows remote attackers to gain privileges and modify DAD settings. |
| 5 | 2002-07-03 | CVE-2002-0560 | PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to obtain sensitive information via the OWA_UTIL stored procedures (1) OWA_UTIL.signature, (2) OWA_UTIL.listprint, or (3) OWA_UTIL.show_query_columns. |
| 7.5 | 2002-07-03 | CVE-2002-0559 | Buffer overflows in PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allow remote attackers to cause a denial of service or execute arbitrary code via (1) a long help page request without a dadname, which overflows the resulting HTTP Location header, (2) a long HTTP request to the plsql module, (3) a long password in the HTTP Authorization, (4) a long Access Descriptor (DAD) password in the addadd form, or (5) a long cache directory name. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 50% (3) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 16% (1) | CWE-287 | Improper Authentication |
| 16% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
| 16% (1) | CWE-89 | Improper Sanitization of Special Elements used in an SQL Command ('... |
CAPEC : Common Attack Pattern Enumeration & Classification
| id | Name |
|---|---|
| CAPEC-198 | Cross-Site Scripting in Error Pages |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 44590 | Oracle Application Server Java Process Manager /oprocmgr-service Remote Anony... |
| 16258 | Oracle Database Fine Grained Auditing (FGA) SELECT Statement Logging Weakness |
| 14895 | Oracle _pages Directory Compiled JSP Source Disclosure |
| 13152 | Oracle Application Server Java Process Manager /oprocmgr-status Anonymous Pro... |
| 12751 | Oracle SDO_CMT_CBK_TRIG Trigger Arbitrary Command Injection |
| 9477 | Oracle Net Services TNS Listener SERVICE_CURLOAD Command DoS |
| 9474 | Oracle PL/SQL Module HTTP Authorization Header DoS |
| 9473 | Oracle PL/SQL Module Alternate DAD Request Authentication Bypass |
| 9472 | Oracle PL/SQL Gateway Web Admin Interface Null Authentication |
| 9471 | Oracle Application Server PL/SQL Module OWA_UTIL Stored Procedures Informatio... |
| 9470 | Oracle PL/SQL Module Cache Directory Name Overflow |
| 9469 | Oracle PL/SQL Module addadd Form DAD Password Overflow |
| 9468 | Oracle PL/SQL Module HTTP Authorization Password Overflow |
| 9467 | Oracle PL/SQL Module HTTP Request Overflow |
| 9466 | Oracle PL/SQL Module Help Page HTTP Location Header Overflow |
| 9465 | Oracle TNS Listener Malformed TCP Packet DoS |
| 7736 | Oracle Net Services CREATE DATABASE LINK Query Overflow |
| 6322 | Oracle BFILENAME Function Remote Overflow |
| 6321 | Oracle TZ_OFFSET Function Remote Overflow |
| 6320 | Oracle TO_TIMESTAMP_TZ Function Remote Overflow |
| 6319 | Oracle Database Server Remote username Overflow |
| 5236 | Oracle Database Server ANSI Outer Join SQL Query Information Disclosure |
| 5234 | Oracle PL/SQL Package for External Procedures (EXTPROC) TNS Listener Authenti... |
| 5065 | Oracle Database Net Services SQL*NET Listener Malformed Command Debugging Rem... |
| 5041 | Oracle 9i TNS Listener SERVICE_NAME Parameter Overflow |
OpenVAS Exploits
| id | Description |
|---|---|
| 2009-05-05 | Name : HP-UX Update for Apache HPSBUX00224 File : nvt/gb_hp_ux_HPSBUX00224.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 187-1 (apache) File : nvt/deb_187_1.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 188-1 (apache-ssl) File : nvt/deb_188_1.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 195-1 (apache-perl) File : nvt/deb_195_1.nasl |
| 2005-11-03 | Name : Oracle XSQLServlet XSQLConfig.xml File File : nvt/oracle9i_XSQLServlet_XSQLConfig.nasl |
| 2005-11-03 | Name : Oracle 9iAS Dynamic Monitoring Services File : nvt/oracle9i_apache_dms.nasl |
| 2005-11-03 | Name : Oracle 9iAS Globals.jsa access File : nvt/oracle9i_globals_dot_jsa.nasl |
| 2005-11-03 | Name : Oracle 9iAS Java Process Manager File : nvt/oracle9i_java_process_manager.nasl |
| 2005-11-03 | Name : Oracle 9iAS Jsp Source File Reading File : nvt/oracle9i_jsp_source.nasl |
| 2005-11-03 | Name : Oracle 9iAS OWA UTIL access File : nvt/oracle9i_owautil.nasl |
| 2005-11-03 | Name : Oracle 9iAS SOAP configuration file retrieval File : nvt/oracle9i_soapconfig.nasl |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2019-09-10 | Oracle 9i Application Server OWA_UTIL information disclosure attempt RuleID : 50926 - Type : SERVER-WEBAPP - Revision : 1 |
| 2019-09-10 | Oracle 9i Application Server OWA_UTIL information disclosure attempt RuleID : 50925 - Type : SERVER-WEBAPP - Revision : 1 |
| 2019-09-10 | Oracle 9i Application Server OWA_UTIL information disclosure attempt RuleID : 50924 - Type : SERVER-WEBAPP - Revision : 1 |
| 2019-09-10 | Oracle 9i Application Server OWA_UTIL information disclosure attempt RuleID : 50923 - Type : SERVER-WEBAPP - Revision : 1 |
| 2019-09-10 | Oracle 9i Application Server OWA_UTIL information disclosure attempt RuleID : 50922 - Type : SERVER-WEBAPP - Revision : 1 |
| 2019-09-10 | Oracle 9i Application Server OWA_UTIL information disclosure attempt RuleID : 50921 - Type : SERVER-WEBAPP - Revision : 1 |
| 2018-02-03 | Apache SSI error page cross-site scripting attempt RuleID : 45307 - Type : SERVER-APACHE - Revision : 2 |
| 2017-07-27 | Oracle Application Server 9i unauthenticated dms access attempt RuleID : 43357 - Type : SERVER-WEBAPP - Revision : 2 |
| 2017-07-27 | Oracle Application Server 9i unauthenticated dms access attempt RuleID : 43356 - Type : SERVER-WEBAPP - Revision : 2 |
| 2017-07-27 | Oracle Application Server 9i unauthenticated dms access attempt RuleID : 43355 - Type : SERVER-WEBAPP - Revision : 2 |
| 2017-07-27 | Oracle Application Server 9i unauthenticated dms access attempt RuleID : 43354 - Type : SERVER-WEBAPP - Revision : 2 |
| 2017-07-27 | Oracle Application Server 9i unauthenticated dms access attempt RuleID : 43353 - Type : SERVER-WEBAPP - Revision : 2 |
| 2017-07-27 | Oracle Application Server 9i unauthenticated dms access attempt RuleID : 43352 - Type : SERVER-WEBAPP - Revision : 2 |
| 2014-01-10 | user name buffer overflow attempt RuleID : 2650-community - Type : SERVER-ORACLE - Revision : 6 |
| 2014-01-10 | user name buffer overflow attempt RuleID : 2650 - Type : SERVER-ORACLE - Revision : 6 |
| 2014-01-10 | Oracle 9i TNS Listener SERVICE_NAME Remote Buffer Overflow attempt RuleID : 2649-community - Type : SERVER-ORACLE - Revision : 8 |
| 2014-01-10 | Oracle 9i TNS Listener SERVICE_NAME Remote Buffer Overflow attempt RuleID : 2649 - Type : SERVER-ORACLE - Revision : 8 |
| 2014-01-10 | LINK metadata buffer overflow attempt RuleID : 2611-community - Type : SERVER-ORACLE - Revision : 12 |
| 2014-01-10 | LINK metadata buffer overflow attempt RuleID : 2611 - Type : SERVER-ORACLE - Revision : 12 |
| 2014-01-10 | globals.jsa access RuleID : 1873-community - Type : SERVER-WEBAPP - Revision : 12 |
| 2014-01-10 | globals.jsa access RuleID : 1873 - Type : SERVER-WEBAPP - Revision : 12 |
| 2014-01-10 | Oracle XSQLConfig.xml access RuleID : 1871-community - Type : SERVER-WEBAPP - Revision : 12 |
| 2014-01-10 | Oracle XSQLConfig.xml access RuleID : 1871 - Type : SERVER-WEBAPP - Revision : 12 |
| 2014-01-10 | database username buffer overflow RuleID : 13719 - Type : SERVER-ORACLE - Revision : 6 |
| 2014-01-10 | Oracle database version 9 username buffer overflow attempt RuleID : 13618 - Type : SERVER-ORACLE - Revision : 5 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2012-01-24 | Name: The remote web server may be affected by multiple vulnerabilities. File: oracle_application_server_pci.nasl - Type: ACT_GATHER_INFO |
| 2010-04-30 | Name: The remote web server is prone to cross-site scripting attacks. File: torture_cgi_XSS_headers.nasl - Type: ACT_MIXED_ATTACK |
| 2005-05-09 | Name: The remote database server may allow logging to be disabled. File: oracle_fga_logging_failure.nasl - Type: ACT_GATHER_INFO |
| 2005-03-18 | Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHSS_28098.nasl - Type: ACT_GATHER_INFO |
| 2005-03-18 | Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHSS_28099.nasl - Type: ACT_GATHER_INFO |
| 2005-03-18 | Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHSS_28111.nasl - Type: ACT_GATHER_INFO |
| 2005-02-16 | Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHSS_28090.nasl - Type: ACT_GATHER_INFO |
| 2005-02-16 | Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHSS_28705.nasl - Type: ACT_GATHER_INFO |
| 2004-09-29 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-187.nasl - Type: ACT_GATHER_INFO |
| 2004-09-29 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-195.nasl - Type: ACT_GATHER_INFO |
| 2004-09-29 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-188.nasl - Type: ACT_GATHER_INFO |
| 2004-07-31 | Name: The remote Mandrake Linux host is missing one or more security updates. File: mandrake_MDKSA-2002-068.nasl - Type: ACT_GATHER_INFO |
| 2004-07-06 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2002-251.nasl - Type: ACT_GATHER_INFO |
| 2003-05-04 | Name: The remote host has an application that is affected by a buffer overflow vuln... File: oracle_link_overflow.nasl - Type: ACT_GATHER_INFO |
| 2003-03-24 | Name: The remote host has an application that is affected by an authentication bypa... File: oracle9i_mod_plsql_config.nasl - Type: ACT_ATTACK |
| 2003-02-11 | Name: Sensitive data may be accessed on the remote host. File: oracle9i_owautil.nasl - Type: ACT_GATHER_INFO |
| 2003-02-11 | Name: The remote web server is affected by an information disclosure vulnerability. File: oracle9i_soapconfig.nasl - Type: ACT_GATHER_INFO |
| 2002-10-04 | Name: The remote web server is affected by multiple vulnerabilities. File: apache_1_3_27.nasl - Type: ACT_GATHER_INFO |
| 2002-02-07 | Name: Sensitive data can be read on the remote host. File: oracle9i_XSQLServlet_XSQLConfig.nasl - Type: ACT_GATHER_INFO |
| 2002-02-07 | Name: Sensitive resources can be accessed. File: oracle9i_apache_dms.nasl - Type: ACT_GATHER_INFO |
| 2002-02-07 | Name: Sensitive data may be disclosed on the remote host. File: oracle9i_globals_dot_jsa.nasl - Type: ACT_GATHER_INFO |
| 2002-02-07 | Name: It is possible to obtain the list of Java processes running on the remote hos... File: oracle9i_java_process_manager.nasl - Type: ACT_GATHER_INFO |
| 2002-02-07 | Name: Sensitive data may be read on the remote host. File: oracle9i_jsp_source.nasl - Type: ACT_GATHER_INFO |
