This host is running Oracle database and is prone to buffer overflow and denial of service vulnerabilities.
Successful exploitation allows an attacker to execute arbitrary code. It can also be exploited to cause denial of service by killing Oracle server process. Impact Level: Application
Apply patches from below link, http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html
The flaws are due to error in 'MDSYS.MD' package that is used in the Oracle spatial component. The package has EXECUTE permission to PUBLIC, so any Oracle database user can exploit the vulnerability to execute arbitrary code.
Oracle Database server versions 18.104.22.168, 22.214.171.124, 126.96.36.199, and 10.1.0.4
Updated on 2015-03-25
- Oracle Database Server MDSYS.MD Buffer Overflows and Denial of Service Vulnerabilities
- Oracle Database Server Multiple Unspecified Vulnerabilities - Jan 08
- Sybase SQL Blank Password
- Oracle MySQL Multiple Unspecified vulnerabilities-02 Oct14 (Windows)
- Oracle MySQL Server Multiple Vulnerabilities-01 Nov12 (Windows)