Short Name |
DB:ORACLE:TNS:CMD-EXEC |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
DB |
Keywords |
Oracle TNS Command Execution |
Release Date |
2005/10/27 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in the Oracle database TNS Listener. A malicious attacker can gain a higher level of access, which might lead to remote arbitrary code execution. Vendor supplied patches are available.
Oracle is a commercial relational database product. Oracle is available for the Unix, Linux, and Microsoft Windows platforms. Oracle allows PL/SQL code to execute arbitrary library calls through a request to the Oracle Listener process. As there is no authentication, any party able to connect to the Listener may emulate this conversation and cause arbitrary library calls to be executed as the oracle user, including system and exec. It is also possible to redirect standard IO to a socket. This may immediately lead to a local compromise of the Oracle user. On Windows based systems, the call is run within the local SYSTEM security context. On Unix systems, the Listener may run with user-level privileges. ** A reliable source has indicated that a patch for this issue is available to Oracle customers but introduces the issue described in BID 8267 as a side effect. Symantec has not been able to confirm this information.