DB: Oracle Database Server SDO_CODE_SIZE Authorization Bypass
This signature detects attempts to exploit a known vulnerability in Oracle Database server. A successful attack could allow the attacker to bypass mandatory checks and gain unauthorized, privileged access to the vulnerable application.
Extended Description
Oracle Database Server is prone to an access validation vulnerability that may permit unprivileged users to execute commands as the DBA. This could compromise the database. This issue corresponds to one of the unspecified vulnerabilities mentioned in BID 10871 and addressed by Oracle Alert #68.
Affected Products
Oracle oracle9i_standard_edition
References
BugTraq: 11099
CVE: CVE-2004-0637
URL: http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf
Short Name
DB:ORACLE:SDO-CODE-AUTH-BYPASS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
DB
Keywords
Authorization Bypass CVE-2004-0637 Database Oracle SDO_CODE_SIZE Server bid:11099
Release Date
09/16/2004
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
srx-branch-12.3
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx-12.3
vmx-19.3
srx-12.3
Sigpack Version
3654
False Positive
Unknown
Vendors
Oracle
CVSS Score
6.5