Описание
Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6 allows remote attackers to execute arbitrary code via a long username that is provided during login, as exploitable through client applications that perform their own authentication, as demonstrated using LOADPSP.
Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6 allows remote attackers to execute arbitrary code via a long username that is provided during login, as exploitable through client applications that perform their own authentication, as demonstrated using LOADPSP.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2003-0095
- http://marc.info/?l=bugtraq&m=104549693426042&w=2
- http://otn.oracle.com/deploy/security/pdf/2003alert51.pdf
- http://www.cert.org/advisories/CA-2003-05.html
- http://www.ciac.org/ciac/bulletins/n-046.shtml
- http://www.iss.net/security_center/static/11328.php
- http://www.kb.cert.org/vuls/id/953746
- http://www.osvdb.org/6319
- http://www.securityfocus.com/bid/6849
Связанные уязвимости
Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6 allows remote attackers to execute arbitrary code via a long username that is provided during login, as exploitable through client applications that perform their own authentication, as demonstrated using LOADPSP.