oval:org.mitre.oval:def:22047
| Definition Id: oval:org.mitre.oval:def:22047 | |||
| Oval ID: | oval:org.mitre.oval:def:22047 | ||
| Title: | The authentication protocol in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to obtain the session key and salt for arbitrary users, which leaks information about the cryptographic hash and makes it easier to conduct brute force password guessing attacks, aka "stealth password cracking vulnerability." | ||
| Description: | The authentication protocol in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to obtain the session key and salt for arbitrary users, which leaks information about the cryptographic hash and makes it easier to conduct brute force password guessing attacks, aka "stealth password cracking vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-3137 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Oracle Database Server |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:17171 | |||
| Oval ID: | oval:org.mitre.oval:def:17171 | ||
| Title: | Oracle Database Server is installed | ||
| Description: | Oracle Database Server is installed. | ||
| Family: | windows | Class: | inventory |
| Reference(s): | cpe:/a:oracle:database_server | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Oracle Database Server |
| Definition Synopsis: | |||
| Referenced By: | |||
| oval:org.mitre.oval:def:22047 | |||
