DB: Oracle DBMS CDC/AQJM Unsafe Function
This signature detects attempts to exploit a known vulnerability in the Oracle database. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the daemon.
Extended Description
Oracle has released its critical patch update for April 2008. The advisory addresses 41 vulnerabilities affecting Oracle Database, Oracle Application Server, Oracle Collaboration Suite, Oracle E-Business Suite and Applications, Oracle Enterprise Manager, Oracle PeopleSoft Enterprise, and Oracle Siebel SimBuilder. The issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly compromise affected computers.
Affected Products
Oracle siebel_simbuilder
References
BugTraq: 28725
CVE: CVE-2008-1811
URL: http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2008.html
Short Name
DB:ORACLE:DBMS:CDC-AQJM-UNSAFE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
DB
Keywords
CDC/AQJM CVE-2008-1811 DBMS Function Oracle Unsafe bid:28725
Release Date
01/29/2009
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3729
False Positive
Unknown
Vendors
Oracle
Hp
CVSS Score
5.5