Short Name |
DB:ORACLE:DBMS:VAL-REMOTE-INJ |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
DB |
Keywords |
Oracle DBMS_REPCAT_RPC.VALIDATE_REMOTE_RC SQL Injection |
Release Date |
2009/10/26 |
Update Number |
1532 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in Oracle Database Server's DBMS_REPCAT_RPC package. A successful attack allows an attacker to execute arbitrary SQL commands on the affected server.
Oracle Advanced Replication is prone to a remote privilege-escalation vulnerability that can be exploited over the 'Oracle Net' protocol. An attacker must have 'Create Session' privileges to exploit this issue.