Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score: 5.1
CVE Id: CVE-2008-6065
Last Modified: 13 Mar 2009 01:45:09
Published: 04 Feb 2009 09:30:00
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE

CVE-2008-6065

Summary

Oracle Database Server 10.1, 10.2, and 11g grants directory WRITE permissions for arbitrary pathnames that are aliased in a CREATE OR REPLACE DIRECTORY statement, which allows remote authenticated users with CREATE ANY DIRECTORY privileges to gain SYSDBA privileges by aliasing the pathname of the password directory, and then overwriting the password file through UTL_FILE operations, a related issue to CVE-2006-7141.

Vulnerable Systems

Application

  • Oracle Database Server 10.1

  • Oracle Database Server 10.2

  • Oracle Database Server 11g


References

XF - oracle-database-sysdba-privilege-escalation(48814)

BID - 31738

BUGTRAQ - 20081011 CREATE ANY DIRECTORY to SYSDBA

MISC - http://www.oracleforensics.com/wordpress/index.php/2008/10/10/create-any-directory-to-sysdba/


Last Updated: 27 May 2016 10:49:02