GEN:SID | 1:2649 |
Message | ORACLE service_name buffer overflow attempt |
Summary | This event is generated when an attempt is made to exploit a known vulnerability in a Oracle database implementation.
|
Impact | Serious. Execution of arbitrary code may be possible. A Denial of Service (DoS) condition may also be caused.
|
Detailed Information | An attacker can attempt to connect to a database using an overly long service_name value. This can cause a buffer overflow, allowing an attacker to execute arbitrary code.
If you are running Oracle on a Windows server, make sure that the variable $ORACLE_PORTS is set to a value of "any".
|
Affected Systems | Oracle7, Oracle8, Oracle8i, and Oracle9i
|
Attack Scenarios | An attacker can attempt to connect to a database supplying the service_name an overly long value. The result could permit the attacker to gain escalated privileges and run code of their choosing.
|
Ease of Attack | Simple.
|
Additional References | Other: http://www.appsecinc.com/Policy/PolicyCheck52.html
|
Rule References | url: www.appsecinc.com/Policy/PolicyCheck52.html
|