CVE-2003-0095

Sažetak

Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6 allows remote attackers to execute arbitrary code via a long username that is provided during login, as exploitable through client applications that perform their own authentication, as demonstrated using LOADPSP.

Reference

http://marc.info/?l=bugtraq&m=104549693426042&w=2
http://otn.oracle.com/deploy/security/pdf/2003alert51.pdf
http://www.cert.org/advisories/CA-2003-05.html
http://www.ciac.org/ciac/bulletins/n-046.shtml
http://www.iss.net/security_center/static/11328.php
http://www.kb.cert.org/vuls/id/953746
http://www.osvdb.org/6319
http://www.securityfocus.com/bid/6849

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

18-10-2016 - 02:29

Objavljeno

03-03-2003 - 05:00