DB: Oracle DBMS_EXPORT_EXTENSION Package Privilege Escalation
This signature detects attempts to exploit a known vulnerability against Oracle Database Server. A successful attack can lead to privilege escalation.
Extended Description
Oracle has released a Critical Patch Update advisory for April 2006 to address multiple vulnerabilities in multiple Oracle products. This Critical Patch Update addresses the vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by the issues as well. The issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to exploit some of the issues, but other issues do not require any authorization. The most severe of these vulnerabilities could possibly expose affected computers to complete compromise. This record will be updated and split into individual BIDs for each issue as further information is disclosed.
Affected Products
Oracle oracle10g_standard_edition
Short Name
DB:ORACLE:DBMS:EXPORT-PRIV
Severity
Major
Recommended
False
Recommended Action
None
Category
DB
Keywords
CVE-2006-1867 CVE-2006-2081 DBMS_EXPORT_EXTENSION Escalation Oracle Package Privilege bid:17590
Release Date
05/30/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3727
False Positive
Occasionally
Vendors
Oracle
Hp
CVSS Score
10.0
4.6