Vulnerability Name: CVE-2006-0551 (CCN-24321)

Assigned: 2006-01-17
Published: 2006-01-17
Updated: 2017-07-20
Summary: SQL injection vulnerability in the Data Pump Metadata API in Oracle Database 10g and possibly earlier might allow remote attackers to execute arbitrary SQL commands via unknown vectors.
Note: due to the lack of relevant details from the Oracle advisory, a separate CVE is being created since it cannot be conclusively proven that this issue has been addressed by Oracle. It is possible that this is the same issue as Oracle Vuln# DB06 from the January 2006 CPU, in which case this would be subsumed by CVE-2006-0259 or, if it is DB05, subsumed by CVE-2006-0260.
CVSS v3 Severity: 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): Low
Integrity (I): Low
Availability (A): Low
CVSS v2 Severity: 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
Vulnerability Type: CWE-Other
Vulnerability Consequences: Informational
References:
Source: MITRE
Type: CNA
CVE-2005-2371

Source: MITRE
Type: CNA
CVE-2006-0257

Source: MITRE
Type: CNA
CVE-2006-0258

Source: MITRE
Type: CNA
CVE-2006-0259

Source: MITRE
Type: CNA
CVE-2006-0260

Source: MITRE
Type: CNA
CVE-2006-0261

Source: MITRE
Type: CNA
CVE-2006-0262

Source: MITRE
Type: CNA
CVE-2006-0263

Source: MITRE
Type: CNA
CVE-2006-0265

Source: MITRE
Type: CNA
CVE-2006-0266

Source: MITRE
Type: CNA
CVE-2006-0267

Source: MITRE
Type: CNA
CVE-2006-0268

Source: MITRE
Type: CNA
CVE-2006-0269

Source: MITRE
Type: CNA
CVE-2006-0270

Source: MITRE
Type: CNA
CVE-2006-0271

Source: MITRE
Type: CNA
CVE-2006-0272

Source: MITRE
Type: CNA
CVE-2006-0273

Source: MITRE
Type: CNA
CVE-2006-0274

Source: MITRE
Type: CNA
CVE-2006-0275

Source: MITRE
Type: CNA
CVE-2006-0276

Source: MITRE
Type: CNA
CVE-2006-0277

Source: MITRE
Type: CNA
CVE-2006-0278

Source: MITRE
Type: CNA
CVE-2006-0279

Source: MITRE
Type: CNA
CVE-2006-0280

Source: MITRE
Type: CNA
CVE-2006-0281

Source: MITRE
Type: CNA
CVE-2006-0282

Source: MITRE
Type: CNA
CVE-2006-0283

Source: MITRE
Type: CNA
CVE-2006-0284

Source: MITRE
Type: CNA
CVE-2006-0285

Source: MITRE
Type: CNA
CVE-2006-0286

Source: MITRE
Type: CNA
CVE-2006-0287

Source: MITRE
Type: CNA
CVE-2006-0288

Source: MITRE
Type: CNA
CVE-2006-0289

Source: MITRE
Type: CNA
CVE-2006-0290

Source: MITRE
Type: CNA
CVE-2006-0291

Source: MITRE
Type: CNA
CVE-2006-0548

Source: MITRE
Type: CNA
CVE-2006-0549

Source: MITRE
Type: CNA
CVE-2006-0550

Source: MITRE
Type: CNA
CVE-2006-0551

Source: MITRE
Type: CNA
CVE-2006-0552

Source: CCN
Type: SA18493
Oracle Products Multiple Vulnerabilities and Security Issues

Source: CCN
Type: SA18608
HP Oracle for Openview Multiple Vulnerabilities

Source: CCN
Type: SECTRACK ID: 1015499
Oracle Database and Other Products Have Multiple Unspecified Vulnerabilities With Unspecified Impact

Source: MISC
Type: UNKNOWN
http://www.integrigy.com/info/IntegrigySecurityAnalysis-CPU0106.pdf

Source: CCN
Type: US-CERT VU#150332
Oracle Text SQL injection vulnerability

Source: CCN
Type: US-CERT VU#472148
Oracle Reports arbitrary file writing vulnerability

Source: CCN
Type: US-CERT VU#545804
Oracle products contain multiple vulnerabilities

Source: CCN
Type: US-CERT VU#629316
Oracle Database SYS.DBMS_METADATA_UTIL package SQL injection vulnerability

Source: CCN
Type: US-CERT VU#857412
Oracle Transparent Data Encryption master encryption key stored as plaintext

Source: CCN
Type: US-CERT VU#870172
Oracle Database Net Listener vulnerability

Source: CCN
Type: US-CERT VU#891644
Oracle Database XML Database SQL Injection vulnerability

Source: CCN
Type: US-CERT VU#925261
Oracle Reports arbitrary file reading vulnerability

Source: CCN
Type: US-CERT VU#983340
Oracle Database Data Pump Metadata API SQL injection vulnerability

Source: CERT-VN
Type: Patch, Third Party Advisory, US Government Resource
VU#983340

Source: CCN
Type: US-CERT VU#999268
Oracle Client Tools buffer overflow vulnerability

Source: CCN
Type: Oracle Web site
Oracle Critical Patch Update Advisory - January 2006

Source: MISC
Type: Patch
http://www.oracle.com/technology/deploy/security/pdf/cpujan2006.html

Source: CCN
Type: OSVDB ID: 22541
Oracle Database Connection Manager Trivial Remote DoS

Source: CCN
Type: OSVDB ID: 22543
Oracle Database Data Pump Metadata API DBMS_METADATA_UTIL Multiple Procedure SQL Injection

Source: CCN
Type: OSVDB ID: 22544
Oracle Database Data Pump Metadata API DBMS_DATAPUMP Multiple Procedure SQL Injection

Source: CCN
Type: OSVDB ID: 22546
Oracle Database Net Foundation Layer Unspecified Remote Issue

Source: CCN
Type: OSVDB ID: 22547
Oracle Database Net Listener Multiple Unspecified Remote Issues (DB09)

Source: CCN
Type: OSVDB ID: 22549
Oracle Database Net Listener Multiple Unspecified Remote Issues (DB11)

Source: CCN
Type: OSVDB ID: 22550
Oracle Database Network Communications (RPC) Unspecified Remote Issue (DB12)

Source: CCN
Type: OSVDB ID: 22551
Oracle Database Network Communications (RPC) Unspecified Remote Issue (DB13)

Source: CCN
Type: OSVDB ID: 22553
Oracle Database Text cxtsys.catsearch Unspecified SQL Issue

Source: CCN
Type: OSVDB ID: 22555
Oracle Database Text CTXSYS.DRILOAD Multiple Procedure SQL Injection

Source: CCN
Type: OSVDB ID: 22556
Oracle Database TNS Authentication Phase AUTH_ALTER_SESSION Attribute SQL Injection

Source: CCN
Type: OSVDB ID: 22557
Oracle Database Query Optimizer sys.outln_pkg Unspecified SQL Issue

Source: CCN
Type: OSVDB ID: 22558
Oracle Database Query Optimizer Unspecified Trivial Remote DoS

Source: CCN
Type: OSVDB ID: 22559
Oracle Database Security sys.dbms_fga.add_policy Unspecified SQL Issue

Source: CCN
Type: OSVDB ID: 22563
Oracle Database Streams Capture DBMS_CDC_PUBLISH SET_DIRECTORY_ROOT Procedure SQL Injection

Source: CCN
Type: OSVDB ID: 22566
Oracle Database Upgrade & Downgrade DBMS_REGISTRY Multiple Procedure SQL Injection

Source: CCN
Type: OSVDB ID: 22568
Oracle Protocol Support Unspecified Limited Impact Remote Issue

Source: CCN
Type: OSVDB ID: 22569
Oracle Reorganize Objects & Convert Tablespace Unspecified Local Issue

Source: CCN
Type: OSVDB ID: 22570
Oracle Java Net Network (OID) Unspecified Trivial Remote Information Disclosure

Source: CCN
Type: OSVDB ID: 22571
Oracle Database HTTP Server Unspecified Trivial Remote Information Disclosure

Source: CCN
Type: OSVDB ID: 22572
Oracle Database HTTP Server Unspecified Trivial Remote DoS

Source: CCN
Type: OSVDB ID: 22573
Oracle Workflow Cartridge HTTP Unspecified Trivial Remote Information Disclosure (WF01)

Source: CCN
Type: OSVDB ID: 22574
Oracle Workflow Cartridge HTTP Unspecified Trivial Remote Information Disclosure (WF02)

Source: CCN
Type: OSVDB ID: 22575
Oracle Workflow Cartridge HTTP Unspecified Trivial Remote Information Disclosure (WF03)

Source: CCN
Type: OSVDB ID: 22576
Oracle Application Server Portal HTTP Unspecified Trivial Remote Information Disclosure

Source: CCN
Type: OSVDB ID: 22577
Oracle Forms HTTP Unspecified Remote Issue

Source: CCN
Type: OSVDB ID: 22578
Oracle Forms File Upload Unspecified Issue

Source: CCN
Type: OSVDB ID: 22579
Oracle Reports Developer HTTP Unspecified Remote Issue

Source: CCN
Type: OSVDB ID: 22580
Oracle Application Server Reports Developer HTTP Unspecified Remote DoS

Source: CCN
Type: OSVDB ID: 22581
Oracle Application Server Reports Developer File Upload Unspecified Issue

Source: CCN
Type: OSVDB ID: 22582
Oracle Application Server Reports Developer rwservlet customize Variable Arbitrary XML File Portion Disclosure

Source: CCN
Type: OSVDB ID: 22585
Oracle Collaboration Suite Email Server Trivial Remote Information Disclosure (OCS01)

Source: CCN
Type: OSVDB ID: 22586
Oracle Collaboration Suite Email Server Trivial Remote Information Disclosure (OCS02)

Source: CCN
Type: OSVDB ID: 22587
Oracle Collaboration Suite Email Server IMAP Authenticated Remote Trivial DoS

Source: CCN
Type: OSVDB ID: 22588
Oracle Collaboration Suite Email Server IMAP/POP Unauthenticated Remote Trivial DoS

Source: CCN
Type: OSVDB ID: 22589
Oracle Collaboration Suite Email Server SMTP Unspecified Issue (OCS05)

Source: CCN
Type: OSVDB ID: 22590
Oracle Collaboration Suite Email Server SMTP Unspecified Issue (OCS06)

Source: CCN
Type: OSVDB ID: 22591
Oracle Collaboration Suite Email Server SMTP Unspecified Issue (OCS07)

Source: CCN
Type: OSVDB ID: 22592
Oracle Collaboration Suite Email Server Unspecified Local Trivial Information Disclosure

Source: CCN
Type: OSVDB ID: 22593
Oracle Collaboration Suite Email Server HTTP Unspecified Remote Information Disclosure

Source: CCN
Type: OSVDB ID: 22594
Oracle Collaboration Suite Wireless & Voice Local Information Disclosure

Source: CCN
Type: OSVDB ID: 22595
Oracle Collaboration Suite Wireless & Voice Authenticated SMS Remote Information Disclosure

Source: CCN
Type: OSVDB ID: 22596
Oracle Collaboration Suite Management SDK FTP Unspecified Issue

Source: CCN
Type: OSVDB ID: 22597
Oracle Collaboration Suite Management SDK HTTP Unspecified Authenticated Issue

Source: CCN
Type: OSVDB ID: 22598
Oracle Collaboration Suite Content Services Email Unspecified Information Disclosure

Source: CCN
Type: OSVDB ID: 22599
Oracle Collaboration Suite Content Services HTTP Unspecified Issue

Source: CCN
Type: OSVDB ID: 22600
Oracle E-Business Suite/Applications Application Install Log File Local Information Disclosure

Source: CCN
Type: OSVDB ID: 22601
Oracle E-Business Suite/Applications CRM Technical Foundation HTTP Information Disclosure

Source: CCN
Type: OSVDB ID: 22602
Oracle E-Business Suite/Applications iProcurement HTTP Information Disclosure

Source: CCN
Type: OSVDB ID: 22603
Oracle E-Business Suite/Applications Application Object Library Log File Information Disclosure

Source: CCN
Type: OSVDB ID: 22604
Oracle E-Business Suite/Applications Application Object Library HTTP Information Disclosure (APPS05)

Source: CCN
Type: OSVDB ID: 22605
Oracle E-Business Suite/Applications Application Object Library HTTP Information Disclosure (APPS06)

Source: CCN
Type: OSVDB ID: 22606
Oracle E-Business Suite/Applications Applications Framework HTTP Unspecified Authenticated Issue

Source: CCN
Type: OSVDB ID: 22607
Oracle E-Business Suite/Applications Applications Technology Stack HTTP Trivial Information Disclosure (APPS08)

Source: CCN
Type: OSVDB ID: 22608
Oracle E-Business Suite/Applications Applications Technology Stack HTTP Trivial Information Disclosure (APPS10)

Source: CCN
Type: OSVDB ID: 22609
Oracle E-Business Suite/Applications Applications Technology Stack HTTP Trivial Information Disclosure (APPS11)

Source: CCN
Type: OSVDB ID: 22610
Oracle E-Business Suite/Applications Human Resources HTTP Authenticated Information Disclosure

Source: CCN
Type: OSVDB ID: 22611
Oracle E-Business Suite/Applications iLearning HTTP Information Disclosure (APPS13)

Source: CCN
Type: OSVDB ID: 22612
Oracle E-Business Suite/Applications iLearning HTTP Information Disclosure (APPS14)

Source: CCN
Type: OSVDB ID: 22613
Oracle E-Business Suite/Applications Marketing HTTP Authenticated Issue (APPS15)

Source: CCN
Type: OSVDB ID: 22614
Oracle E-Business Suite/Applications Marketing HTTP Authenticated Issue (APPS16)

Source: CCN
Type: OSVDB ID: 22615
Oracle E-Business Suite/Applications Marketing Encyclopedia System HTTP Information Disclosure

Source: CCN
Type: OSVDB ID: 22616
Oracle E-Business Suite/Applications Trade Management HTTP Information Disclosure

Source: CCN
Type: OSVDB ID: 22617
Oracle E-Business Suite/Applications Web Applications Desktop Integration HTTP Information Disclosure

Source: CCN
Type: OSVDB ID: 22618
Oracle PeopleSoft Enterprise Portal Unspecified Local Issue

Source: CCN
Type: OSVDB ID: 22619
Oracle JD Edwards HTML Server HTTP Unspecified Issue

Source: CCN
Type: OSVDB ID: 22620
Oracle E-Business Suite/Applications Applications Technology Stack HTTP Trivial Information Disclosure (APPS09)

Source: CCN
Type: OSVDB ID: 22637
Oracle Database Data Pump Metadata API DBMS_METADATA_INT Multiple Procedure SQL Injection

Source: CCN
Type: OSVDB ID: 22639
Oracle Database Text CTXSYS.DRIDML CLEAN_DML Procedure SQL Injection

Source: CCN
Type: OSVDB ID: 22640
Oracle Database Text CTXSYS.CTX_DOC GET_ROWID Procedure SQL Injection

Source: CCN
Type: OSVDB ID: 22641
Oracle Database Text CTXSYS.CTX_QUERY BROWSE_WORDS Procedure SQL Injection

Source: CCN
Type: OSVDB ID: 22642
Oracle Database Text CATINDEXMETHODS Multiple Procedure SQL Injection

Source: CCN
Type: OSVDB ID: 22643
Oracle Database Data Pump Metadata API DBMS_METADATA Unspecified Procedure SQL Injection

Source: CCN
Type: OSVDB ID: 60409
Oracle Client Utility Unspecified Remote Overflow

Source: MISC
Type: Patch
http://www.red-database-security.com/advisory/oracle_cpu_jan_2006.html

Source: CCN
Type: BID-16287
Oracle January Security Update Multiple Vulnerabilities

Source: CERT
Type: Patch, Third Party Advisory, US Government Resource
TA06-018A

Source: CCN
Type: IBM Internet Security Systems X-Force Database
Oracle Reports Server customize parameter information disclosure

Source: XF
Type: UNKNOWN
oracle-january2006-update(24321)

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:oracle:database_server:10.1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:database_server:10.1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:database_server:10.2.0.1:*:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:oracle:application_server:1.0.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:database_server:9.2.0.6:r2:*:*:*:*:*:*
  • OR cpe:/a:oracle:database_server:8.0.6.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:database_server:10.1.0.3:r1:*:*:*:*:*:*
  • OR cpe:/a:oracle:application_server:9.0.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:collaboration_suite:9.0.4.2:r2:*:*:*:*:*:*
  • OR cpe:/a:oracle:database_server:9.0.1.5:*:fips:*:*:*:*:*
  • OR cpe:/a:oracle:database_server:10.1.0.4:r1:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_manager_grid_control:10.1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:developer_suite:9.0.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:application_server:9.0.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_manager_grid_control:10.1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:application_server:10.1.2.0.0:r2:*:*:*:*:*:*
  • OR cpe:/a:oracle:application_server:10.1.2.0.1:r2:*:*:*:*:*:*
  • OR cpe:/a:oracle:application_server:10.1.2.0.2:r2:*:*:*:*:*:*
  • OR cpe:/a:oracle:database_server:10.2.0.1:r2:*:*:*:*:*:*
  • OR cpe:/a:oracle:database_server:10.1.0.5:r1:*:*:*:*:*:*
  • OR cpe:/a:oracle:database_server:9.2.0.7:r2:*:*:*:*:*:*
  • OR cpe:/a:oracle:collaboration_suite:10.1.1:r1:*:*:*:*:*:*
  • OR cpe:/a:oracle:collaboration_suite:10.1.2:r1:*:*:*:*:*:*
  • OR cpe:/a:oracle:e-business_suite:11.5.10:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:peoplesoft_enterprise_portal:8.4:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:peoplesoft_enterprise_portal:8.8:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:peoplesoft_enterprise_portal:8.9:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:database_server:10.1.0.4.2:r1:*:*:*:*:*:*
  • OR cpe:/a:oracle:developer_suite:9.0.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:developer_suite:6i:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:developer_suite:9.0.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:developer_suite:10.1.2.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:e-business_suite:11.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:e-business_suite:11.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:e-business_suite:11.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:e-business_suite:11.5.4:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:e-business_suite:11.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:e-business_suite:11.5.6:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:e-business_suite:11.5.7:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:e-business_suite:11.5.8:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:e-business_suite:11.5.9:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:workflow:11.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:workflow:11.5.9.5:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    oracle database server 10.1.0.3
    oracle database server 10.1.0.4
    oracle database server 10.1.0.5
    oracle database server 10.2.0.1
    oracle application server 1.0.2.2
    oracle database server 9.2.0.6 r2
    oracle database server 8.0.6.3
    oracle database server 10.1.0.3 r1
    oracle application server 9.0.4.1
    oracle collaboration suite 9.0.4.2 r2
    oracle database server 9.0.1.5
    oracle database server 10.1.0.4 r1
    oracle enterprise manager grid control 10.1.0.3
    oracle developer suite 9.0.4.1
    oracle application server 9.0.4.2
    oracle enterprise manager grid control 10.1.0.4
    oracle application server 10.1.2.0.0 r2
    oracle application server 10.1.2.0.1 r2
    oracle application server 10.1.2.0.2 r2
    oracle database server 10.2.0.1 r2
    oracle database server 10.1.0.5 r1
    oracle database server 9.2.0.7 r2
    oracle collaboration suite 10.1.1 r1
    oracle collaboration suite 10.1.2 r1
    oracle e-business suite 11.5.10
    oracle peoplesoft enterprise portal 8.4
    oracle peoplesoft enterprise portal 8.8
    oracle peoplesoft enterprise portal 8.9
    oracle database server 10.1.0.4.2 r1
    oracle developer suite 9.0.2.1
    oracle developer suite 6i
    oracle developer suite 9.0.4.2
    oracle developer suite 10.1.2.0.2
    oracle e-business suite 11.5.1
    oracle e-business suite 11.5.2
    oracle e-business suite 11.5.3
    oracle e-business suite 11.5.4
    oracle e-business suite 11.5.5
    oracle e-business suite 11.5.6
    oracle e-business suite 11.5.7
    oracle e-business suite 11.5.8
    oracle e-business suite 11.5.9
    oracle workflow 11.5.1
    oracle workflow 11.5.9.5