Vulnerability Name: CVE-2006-2081 (CCN-26048)
Assigned: 2006-04-18
Published: 2006-04-18
Updated: 2018-10-18
Summary: Oracle Database Server 10g Release 2 allows local users to execute arbitrary SQL queries via the GET_DOMAIN_INDEX_METADATA function in the DBMS_EXPORT_EXTENSION package. Note: this issue was originally linked to DB05 (CVE-2006-1870), but a reliable third party has claimed that it is not the same issue. Based on details of the problem, the primary issue appears to be insecure privileges that facilitate the introduction of SQL in a way that is not related to special characters, so this is not "SQL injection" per se.
CVSS v3 Severity:
  5.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L)
CVSS v2 Severity:
  4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
  4.0 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P/E:H/RL:OF/RC:C)
  5.7 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P/E:H/RL:OF/RC:C)
Vulnerability Type: CWE-Other
Vulnerability Consequences: Data Manipulation
References:
  Source: CCN Type: BugTraq Mailing List, Wed Apr 19 2006 - 03:33:56 CDT Oracle 10g 10.2.0.2.0 DBA exploit
  Source: CCN Type: BugTraq Mailing List, Wed Apr 26 2006 - 09:29:39 CDT Recent Oracle exploit is _actually_ an 0day with no patch
  Source: CCN Type: Full-Disclosure Mailing List, Tue Apr 18 2006 - 14:04:23 CDT Multiple critical and high risk issues in Oracle's database server
  Source: MITRE Type: CNA CVE-2006-1870
  Source: MITRE Type: CNA CVE-2006-2081
  Source: MITRE Type: CNA CVE-2006-2505
  Source: CCN Type: SA19712 Oracle Products Multiple Vulnerabilities
  Source: CCN Type: SA19859 HP Oracle for OpenView Multiple Vulnerabilities
  Source: CCN Type: SA19860 Oracle Database "DBMS_EXPORT_EXTENSION" Package SQL Injection
  Source: SECUNIA Type: UNKNOWN 19860
  Source: SREASON Type: UNKNOWN 802
  Source: CCN Type: SECTRACK ID: 1015961 Oracle Database and Other Products Have Multiple Unspecified Vulnerabilities With Unspecified Impact
  Source: CCN Type: SECTRACK ID: 1015999 Oracle Database DBMS_EXPORT_EXTENSION Package Lets Remote Users Execute Arbitrary Functions
  Source: SECTRACK Type: UNKNOWN 1015999
  Source: CCN Type: US-CERT VU#452681 Oracle Export component SQL injection vulnerability
  Source: CCN Type: US-CERT VU#932124 Oracle DBMS_EXPORT_EXTENSION package vulnerable to SQL injection
  Source: CERT-VN Type: US Government Resource VU#932124
  Source: CCN Type: Oracle Web site Oracle Critical Patch Update Advisory - April 2006
  Source: CCN Type: OSVDB ID: 24853 Oracle Database Export sys.dbms_export_extension Unspecified Issue
  Source: CCN Type: OSVDB ID: 25002 Oracle Database DBMS_EXPORT_EXTENSION Package SQL Injection
  Source: CCN Type: OSVDB ID: 28887 Oracle OCI Unspecified Trivial DoS
  Source: CCN Type: OSVDB ID: 28888 Oracle RPC Unspecified Trivial DoS (DBC02)
  Source: CCN Type: OSVDB ID: 28889 Oracle RPC Unspecified Trivial DoS (DBC03)
  Source: CCN Type: OSVDB ID: 28890 Oracle RPC Database Unspecified Issue
  Source: CCN Type: OSVDB ID: 28897 Oracle Export sys.dbms_export_extension Unspecified Issue
  Source: CCN Type: OSVDB ID: 28899 Oracle OCI Database Unspecified Issue
  Source: CCN Type: OSVDB ID: 28900 Oracle OCI Unspecified Issue (DB09)
  Source: CCN Type: OSVDB ID: 28901 Oracle OCI Unspecified Issue (DB10)
  Source: CCN Type: OSVDB ID: 28902 Oracle OCI Unspecified Trivial DoS
  Source: CCN Type: OSVDB ID: 28903 Oracle Database Unspecified Trivial DoS
  Source: CCN Type: OSVDB ID: 28904 Oracle OCE Unspecified DoS
  Source: CCN Type: OSVDB ID: 28905 Oracle Database Unspecified Issue
  Source: CCN Type: OSVDB ID: 28907 Oracle Query Rewrite/Summary Mgmt sys.dbms_xrwmv Unspecified Issue
  Source: CCN Type: OSVDB ID: 28908 Oracle RPC Database Unspecified DoS
  Source: CCN Type: OSVDB ID: 28909 Oracle RPC Unspecified DoS
  Source: CCN Type: OSVDB ID: 28910 Oracle RPC Unspecified Issue
  Source: CCN Type: OSVDB ID: 28911 Oracle Semantic Analysis Database Unspecified Issue
  Source: CCN Type: Red-Database-Security Web site Details Oracle Critical Patch Update April 2006 - V1.03
  Source: MISC Type: Exploit http://www.red-database-security.com/exploits/oracle-sql-injection-oracle-dbms_export_extension.html
  Source: BUGTRAQ Type: UNKNOWN 20060419 Oracle 10g 10.2.0.2.0 DBA exploit
  Source: BUGTRAQ Type: UNKNOWN 20060426 Recent Oracle exploit is _actually_ an 0day with no patch
  Source: BUGTRAQ Type: UNKNOWN 20060427 Re: Recent Oracle exploit is _actually_ an 0day with no patch
  Source: BUGTRAQ Type: UNKNOWN 20060427 Re: Recent Oracle exploit is _actually_ an 0day with no patch
  Source: BUGTRAQ Type: UNKNOWN 20060501 RE: Oracle 10g 10.2.0.2.0 DBA exploit
  Source: CCN Type: BID-17590 Oracle April 2006 Security Update Multiple Vulnerabilities
  Source: BID Type: UNKNOWN 17699
  Source: CCN Type: BID-17699 Oracle 10g DBMS_EXPORT_EXTENSION SQL Injection Vulnerability
  Source: CCN Type: US-CERT Technical Cyber Security Alert TA06-109A Oracle Products Contain Multiple Vulnerabilities
  Source: XF Type: UNKNOWN oracle-dbmsexportextension-sql-injection(26048)
  Source: XF Type: UNKNOWN oracle-dbmsexportextension-sql-injection(26048)
Vulnerable Configuration: Configuration 1: Configuration CCN 1: