Vulnerability Name: | CCN-18946 | ||||||
Published: | 2005-01-18 | ||||||
Updated: | 2005-01-18 | ||||||
Summary: | Oracle Database Servers are vulnerable to a denial of service attack, caused by a buffer overflow. The CREATE DATABASE LINK privilege is a default privilege with the CONNECT role. A remote attacker with this privilege could supply a specially-crafted connection string to overflow a buffer and cause the server to crash. | ||||||
CVSS v3 Severity: | 3.5 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L)
| ||||||
CVSS v2 Severity: | 4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P) 3.5 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P/E:H/RL:OF/RC:C)
| ||||||
Vulnerability Consequences: | Denial of Service | ||||||
References: | Source: CCN Type: Oracle Critical Patch Update Advisory January 2005 Critical Patch Update - January 2005 Source: CCN Type: Red-Database-Security Advisory RDS_20050118_1 Buffer Overflow in Create Database Link in Oracle8i - 9i Source: CCN Type: BID-12296 Oracle Database Multiple Unspecified Vulnerabilities Source: XF Type: UNKNOWN oracle-database-link-dos(18946) | ||||||
Vulnerable Configuration: | Configuration CCN 1: Denotes that component is vulnerable | ||||||
BACK |