Executive Summary

Informations
Name CVE-2005-1495 First vendor Publication 2005-05-11
Vendor Cve Last vendor Modification 2017-07-11

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the SYS user executes a SELECT statement on an FGA object, which makes it easier for attackers to escape detection.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1495

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 3
Application 9
Application 10

Open Source Vulnerability Database (OSVDB)

Id Description
16258 Oracle Database Fine Grained Auditing (FGA) SELECT Statement Logging Weakness

Oracle 9i and Oracle 10g Database Servers do not produce a proper audit trailer if a SYS level user performs a SELECT statement on a table. This allows a remote attacker to disable the Fine Grained Audit (FGA). If an attacker knows which tables are accessed via a SYS level user, the attacker can perform SELECT queries without any logging being performed.

Nessus® Vulnerability Scanner

Date Description
2012-01-24 Name : The remote web server may be affected by multiple vulnerabilities.
File : oracle_application_server_pci.nasl - Type : ACT_GATHER_INFO
2005-05-09 Name : The remote database server may allow logging to be disabled.
File : oracle_fga_logging_failure.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/16258
BUGTRAQ http://marc.info/?l=bugtraq&m=111531683824209&w=2
CERT-VN http://www.kb.cert.org/vuls/id/777773
MISC http://www.red-database-security.com/advisory/oracle-fine-grained-auditing-is...
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/20407

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
Date Informations
2021-05-04 12:02:57
  • Multiple Updates
2021-04-22 01:03:12
  • Multiple Updates
2020-05-23 00:16:33
  • Multiple Updates
2017-07-11 12:01:55
  • Multiple Updates
2016-10-18 12:01:40
  • Multiple Updates
2014-02-17 10:31:21
  • Multiple Updates
2013-05-11 11:25:56
  • Multiple Updates