Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score: 7.5
CVE Id: CVE-2005-4832
Last Modified: 05 Sep 2008 04:57:57
Published: 31 Dec 2005 12:00:00
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE

CVE-2005-4832

Summary

SQL injection vulnerability in the Oracle Database Server 10g allows remote authenticated users to execute arbitrary SQL commands with elevated privileges via the SUBSCRIPTION_NAME parameter in the (1) SYS.DBMS_CDC_SUBSCRIBE and (2) SYS.DBMS_CDC_ISUBSCRIBE packages, a different vector than CVE-2005-1197.

Vulnerable Systems

Application

  • Oracle10g Enterprise 10.1.0.2

  • Oracle10g Enterprise 10.1.0.3

  • Oracle10g Enterprise 10.1.0.3.1

  • Oracle10g Enterprise 10.1.0.4

  • Oracle10g Enterprise 10.2.3

  • Oracle10g Enterprise 9.0.4 .0

  • Oracle10g Enterprise 9.0.4.0

  • Oracle10g Personal 10.1 .0.2

  • Oracle10g Personal 10.1.0.2

  • Oracle10g Personal 10.1.0.3

  • Oracle10g Personal 10.1.0.3.1

  • Oracle10g Personal 10.1.0.4

  • Oracle10g Personal 10.10.3.1

  • Oracle10g Personal 10.2.3

  • Oracle10g Personal 9.0.4 .0

  • Oracle10g Personal 9.0.4.0

  • Oracle10g Standard 10.1 .0.2

  • Oracle10g Standard 10.1.0.2

  • Oracle10g Standard 10.1.0.3

  • Oracle10g Standard 10.1.0.3.1

  • Oracle10g Standard 10.1.0.4

  • Oracle10g Standard 10.1.0.4.2

  • Oracle10g Standard 10.1.0.5

  • Oracle10g Standard 10.2.0.1

  • Oracle10g Standard 10.2.3

  • Oracle10g Standard 9.0.4 .0

  • Oracle10g Standard 9.0.4.0


References

CONFIRM - http://www.oracle.com/technology/deploy/security/pdf/cpuapr2005.pdf

XF - oracle-subscriptionname-sql-injection(20159)

BID - 13236

BUGTRAQ - 20050711 Re: Problems with the Oracle Critical Patch Update for April 2005

BUGTRAQ - 20050418 [AppSecInc Team SHATTER Security Advisory] Multiple SQL Injection vulnerabilities in DBMS_CDC_SUBSCRIBE and DBMS_CDC_ISUBSCRIBE packages

MISC - http://www.argeniss.com/research/OraDBMS_CDC_SUBSCRIBEWorkaround.sql

MISC - http://www.argeniss.com/research/OraDBMS_CDC_SUBSCRIBEExploit.txt

MISC - http://www.appsecinc.com/resources/alerts/oracle/2005-02.html


Last Updated: 27 May 2016 10:41:27