This host is installed with Oracle Database Server and is prone to security bypass vulnerability.
Successful exploitation will allow attackers to gain access to an operating system account and execute commands. Impact Level: Application/System
Apply patches from below link, http://metalink.oracle.com ***** NOTE: Ignore this warning if above mentioned patch is installed. *****
A flaw exist in Oracle listener program, which allows attacker to cause logging information to be appended to arbitrary files and execute commands via the SET TRC_FILE or SET LOG_FILE commands
Oracle Database Server versions 7.3.4, 8.0.6, and 8.1.6 are affected
Get the installed version with the help of tnslsnr service and check it is vulnerable or not.
- Oracle Database Server listener Security Bypass Vulnerability
- Oracle Database Server Multiple Unspecified Vulnerabilities-01 April2014
- IBM DB2 SQL/PSM Stored Procedure Debugging Buffer Overflow Vulnerability (Windows)
- Oracle Database Server Multiple Vulnerabilities - July 06
- Oracle Database Server Multiple Unspecified Vulnerabilities - April 06