Vulnerability CVE-2003-0727

Vulnerability Name:

CVE-2003-0727 (CCN-12949)

Assigned:

2003-08-18

Published:

2003-08-18

Updated:

2017-09-28

Summary:

Multiple buffer overflows in the XML Database (XDB) functionality for Oracle 9i Database Release 2 allow local users to cause a denial of service or hijack user sessions.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P)
1.7 Low (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P/E:F/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Access Complexity (AC): Authentication (Au):
Impact Metrics:	Confidentiality (C): Integrity (I): Availibility (A):

7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
6.2 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Access Complexity (AC): Athentication (Au):
Impact Metrics:	Confidentiality (C): Integrity (I): Availibility (A):

Vulnerability Type:

CWE-Other

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2003-0727

Source: CCN
Type: Oracle Security Alert #58
Buffer Overflow in the XML Database of Oracle9i Database Server

Source: CONFIRM
Type: UNKNOWN
http://otn.oracle.com/deploy/security/pdf/2003Alert58.pdf

Source: CCN
Type: BID-8375
Multiple Oracle XDB FTP / HTTP Services Buffer Overflow Vulnerabilities

Source: XF
Type: UNKNOWN
oracle-xml-bo(12949)

Source: EXPLOIT-DB
Type: UNKNOWN
42780

Vulnerable Configuration:

Configuration 1:

cpe:/a:oracle:database_server:*:*:*:*:*:*:*:*

Denotes that component is vulnerable

Vulnerability Name:

CVE-2003-0727 (CCN-19910)

Assigned:

2003-08-18

Published:

2003-08-18

Updated:

2003-08-18

Summary:

Oracle9i Database Server is vulnerable to a stack-based buffer overflow, caused by improper bounds checking of user-supplied input by the XML Database (XDB) FTP service. By sending an overly long PASS command, a remote attacker could overflow a buffer and execute arbitrary code on the system.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P)
1.7 Low (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P/E:F/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Access Complexity (AC): Authentication (Au):
Impact Metrics:	Confidentiality (C): Integrity (I): Availibility (A):

7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
6.2 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Access Complexity (AC): Athentication (Au):
Impact Metrics:	Confidentiality (C): Integrity (I): Availibility (A):

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2003-0727

Source: CCN
Type: Oracle Security Alert #58
Buffer Overflow in the XML Database of Oracle9i Database Server

Source: CCN
Type: Blackhat Web site
Variations in Exploit methods between Linux and Windows

Source: CCN
Type: Metasploit Web site
Oracle 9i XDB FTP PASS Overflow (win32)

Source: CCN
Type: BID-8375
Multiple Oracle XDB FTP / HTTP Services Buffer Overflow Vulnerabilities

Source: XF
Type: UNKNOWN
oracle-ftp-pass-bo(19910)

Source: CCN
Type: Packet Storm Security [02-03-2016]
Oracle 9i XDB FTP Pass Overflow

Source: CCN
Type: Packet Storm Security [09-26-2017]
Oracle 9i XDB 9.2.01 HTTP PASS Buffer Overflow

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [09-25-2017]

BACK