| VID |
25104 |
| Severity |
40 |
| Port |
1521, ... |
| Protocol |
TCP |
| Class |
DB |
| Detailed Description |
The remote Oracle database server is missing the July 2011 Critical Patch Update (CPU) and therefore is potentially affected by security issues in the following components :
- Core RDBMS (CVE-2011-0832, CVE-2011-0835, CVE-2011-0838, CVE-2011-0880, CVE-2011-2230, CVE-2011-2239, CVE-2011-2243, CVE-2011-2253)
- Content Management (CVE-2011-0882)
- Database Target Type Menus (CVE-2011-2257)
- SQL Performance Advisories/UIs (CVE-2011-2248)
- Schema Management (CVE-2011-0870)
- Security Framework (CVE-2011-0848, CVE-2011-2244)
- Security Management (CVE-2011-0852)
- Streams, AQ & Replication Management (CVE-2011-0822)
- XML Developer Kit (CVE-2011-2231, CVE-2011-2232)
- CMDB Metadata & Instance APIs (CVE-2011-0816)
- EMCTL (CVE-2011-0875, CVE-2011-0881)
- Enterprise Config Management (CVE-2011-0811, CVE-2011-0831)
- Enterprise Manager Console (CVE-2011-0876)
- Event Management (CVE-2011-0830)
- Instance Management (CVE-2011-0877, CVE-2011-0879)
- Database Vault (CVE-2011-2238)
- Oracle Universal Installer (CVE-2011-2240)
* Note: This check solely relied on the version number of the remote Oracle Database server to assess this vulnerability, so this might be a false positive.
* References:
http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html
* Platforms Affected:
Oracle Database 11g Release 2, versions 11.2.0.1, 11.2.0.2
Oracle Database 11g Release 1, version 11.1.0.7
Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4, 10.2.0.5
Oracle Database 10g Release 1, version 10.1.0.5
Microsoft Windows Any version
Linux Any version
Unix Any version |
| Recommendation |
Oracle has released a Critical Patch Update to address these issues. Information regarding obtaining and applying an appropriate patch can be found in the Oracle Critical Patch Update Advisory dated July 2011 at http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html |
| Related URL |
CVE-2011-0811,CVE-2011-0816,CVE-2011-0822,CVE-2011-0830,CVE-2011-0831,CVE-2011-0832,CVE-2011-0835,CVE-2011-0838,CVE-2011-0848 (CVE) |
| Related URL |
48726,48727,48728,48730,48731,48732,48733,48734,48735,48736,48737,48738,48739,48740,48741,48742,48743,48745,48746,48748,48749,48750,48751 (SecurityFocus) |
| Related URL |
(ISS) |
|
