Detections
Analytics
Oracle Listener Program Logging Privilege Escalation (1361722)
high Nessus Plugin ID 26192
Language:
Synopsis
The remote database service allows arbitrary code execution.Description
According to its version number, the Oracle listener program (tnslsnr) on the remote host has a problem with the 'SET TRC_FILE' and 'SET LOG_FILE' commands. An attacker can leverage this issue to log arbitrary data to arbitrary files subject to the permissions under which the listener program operates, corrupting existing files or creating new ones.In addition, it is also subject to attacks that can shut down or crash the listener.
Solution
Apply the patch referenced in the vendor advisory above.See Also
http://web.archive.org/web/20080404173741/http://xforce.iss.net:80/xforce/alerts/id/advise66
http://www.oracle.com/technology/deploy/security/pdf/listener_alert.pdf
Plugin Details
Severity: High
ID: 26192
File Name: oracle_tnslsnr_1361722.nasl
Version: 1.16
Type: remote
Family: Databases
Published: 9/27/2007
Updated: 4/11/2022
Configuration: Enable thorough checks
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 5.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
Vulnerability Information
CPE: cpe:/a:oracle:listener
Exploit Ease: No known exploits are available
Patch Publication Date: 10/25/2000
Vulnerability Publication Date: 10/25/2000
Reference Information
CVE: CVE-2000-0818
BID: 1853