DB: Oracle TNS Command Execution
This signature detects attempts to exploit a known vulnerability in the Oracle database TNS Listener. A malicious attacker can gain a higher level of access, which might lead to remote arbitrary code execution. Vendor supplied patches are available.
Extended Description
Oracle is a commercial relational database product. Oracle is available for the Unix, Linux, and Microsoft Windows platforms. Oracle allows PL/SQL code to execute arbitrary library calls through a request to the Oracle Listener process. As there is no authentication, any party able to connect to the Listener may emulate this conversation and cause arbitrary library calls to be executed as the oracle user, including system and exec. It is also possible to redirect standard IO to a socket. This may immediately lead to a local compromise of the Oracle user. On Windows based systems, the call is run within the local SYSTEM security context. On Unix systems, the Listener may run with user-level privileges. ** A reliable source has indicated that a patch for this issue is available to Oracle customers but introduces the issue described in BID 8267 as a side effect. Symantec has not been able to confirm this information.
Affected Products
Oracle oracle8i_enterprise_edition
References
BugTraq: 4033
CVE: CVE-2002-0567
URL: http://otn.oracle.com/deploy/security/pdf/listener_alert.pdf
Short Name
DB:ORACLE:TNS:CMD-EXEC
Severity
Major
Recommended
False
Recommended Action
Drop
Category
DB
Keywords
CVE-2002-0567 Command Execution Oracle TNS bid:4033
Release Date
10/27/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Oracle
CVSS Score
7.5