VID 25048
Severity 30
Port 1521, ...
Protocol TCP
Class DB
Detailed Description The remote Oracle Database server, judging by its reported version number, is affected by multiple directory traversal vulnerabilities. Oracle8i and Oracle9i Database servers are vulnerable to multiple directory traversal vulnerabilities that may allow a remote authenticated attacker to read, write, or rename arbitrary files with the privileges of the Oracle Database server process. These vulnerabilities are reported to result from insufficient input validation of the filenames and paths passed to file-processing functions, which may allow a malicious SQL query to traverse outside the directory described by an Oracle directory object.

* Note: This check relies solely on the version number reported by the remote Oracle Database server to assess this vulnerability, so the result may be a false positive.

* References:
http://securityfocus.com/archive/1/392527
http://www.argeniss.com/research/ARGENISS-ADV-030501.txt
http://www.petefinnigan.com/directory_traversal.pdf
http://www.oracle.com/technology/deploy/security/pdf/cpu-jan-2005_advisory.pdf

* Platforms Affected:
Oracle Corporation, Oracle8i Database Server Any version
Oracle Corporation, Oracle9i Database Server Any version
Microsoft Windows Any version
Linux Any version
Unix Any version
Recommendation Oracle has released a Critical Patch Update to address these issues. Information on obtaining and applying the appropriate patch can be found in the Oracle Critical Patch Update Advisory dated January 2005 at http://www.oracle.com/technology/deploy/security/pdf/cpu-jan-2005_advisory.pdf

-- OR --

As a workaround, restrict access to directory objects and to the UTL_FILE package so that only the accounts that genuinely need file access hold those privileges.
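The following SQL is an added example of how a DBA could audit and apply that workaround; it is not part of this advisory or of Oracle's own guidance. The directory object EXAMPLE_DIR and the account APP_USER are placeholders. The queries and privilege statements use the standard DBA_TAB_PRIVS, DBA_DIRECTORIES and V$PARAMETER views and the documented GRANT/REVOKE syntax for packages and directory objects.

```sql
-- Added example (not from the advisory): audit, then tighten, file-access privileges.
-- EXAMPLE_DIR and APP_USER are placeholder names.

-- 1. Who can execute UTL_FILE?  A grant to PUBLIC means every account can.
SELECT grantee, privilege
  FROM dba_tab_privs
 WHERE table_name = 'UTL_FILE'
 ORDER BY grantee;

-- 2. Which directory objects exist, where do they point, and who holds
--    READ/WRITE on them?  Directory privileges are recorded in DBA_TAB_PRIVS
--    with TABLE_NAME equal to the directory object name.
SELECT d.directory_name, d.directory_path, p.grantee, p.privilege
  FROM dba_directories d
  LEFT JOIN dba_tab_privs p
    ON p.table_name = d.directory_name
 ORDER BY d.directory_name, p.grantee;

-- 3. The legacy UTL_FILE_DIR parameter widens UTL_FILE beyond directory
--    objects; a value of '*' exposes the whole file system to UTL_FILE callers.
SELECT name, value
  FROM v$parameter
 WHERE name = 'utl_file_dir';

-- 4. Remove blanket access.
REVOKE EXECUTE ON UTL_FILE FROM PUBLIC;
REVOKE READ, WRITE ON DIRECTORY EXAMPLE_DIR FROM PUBLIC;

-- 5. Re-grant only to the specific accounts that need it, with the
--    minimum privilege (READ where WRITE is not required).
GRANT EXECUTE ON UTL_FILE TO app_user;
GRANT READ ON DIRECTORY EXAMPLE_DIR TO app_user;
```

Run the three SELECT statements as a DBA first and treat any PUBLIC grantee or a UTL_FILE_DIR of '*' as a finding. Revoking EXECUTE on UTL_FILE from PUBLIC can break applications and Oracle-supplied packages that rely on it, so test in a non-production instance and re-grant explicitly to the affected schemas. This limits which accounts can reach the vulnerable file-handling code; it does not correct the missing path validation, so the Critical Patch Update remains the real fix.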
Related URL (SecurityFocus): 12749