Statement

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

oracle

critical

nessus

NVD

Published: 2004-12-03

Updated: 2017-07-11

Summary

Multiple buffer overflows in Oracle 9i 9 before 9.2.0.3 allow local users to execute arbitrary code by (1) setting the TIME_ZONE session parameter to a long value, or providing long parameters to the (2) NUMTOYMINTERVAL, (3) NUMTODSINTERVAL or (4) FROM_TZ functions. This was fixed in Oracle 9i Database Release 2, version 9.2.0.3.

Vulnerable Configurations

Part	Description	Count
Application	Oracle Oracle Oracle9I Enterprise_9.0.1 Oracle Oracle9I Enterprise_9.2.0 Oracle Oracle9I Enterprise_9.2.0.1 Oracle Oracle9I Enterprise_9.2.0.2 Oracle Oracle9I Personal_9.0.1 Oracle Oracle9I Personal_9.2 Oracle Oracle9I Personal_9.2.0.1 Oracle Oracle9I Personal_9.2.0.2 Oracle Oracle9I Standard_9.0 Oracle Oracle9I Standard_9.0.1 Oracle Oracle9I Standard_9.0.1.2 Oracle Oracle9I Standard_9.0.1.3 Oracle Oracle9I Standard_9.0.1.4 Oracle Oracle9I Standard_9.0.2 Oracle Oracle9I Standard_9.2 Oracle Oracle9I Standard_9.2.0.1 Oracle Oracle9I Standard_9.2.0.2	17

Nessus

NASL family	Databases
NASL id	ORACLE_TIMEZONE_OVERFLOW.NASL
description	The remote Oracle Database, according to its version number, is vulnerable to a buffer overflow in the query SET TIME_ZONE. An attacker with a database account may use this flaw to gain the control on the whole database, or even to obtain a shell on this host.
last seen	2020-06-01
modified	2020-06-02
plugin id	12047
published	2004-02-06
reporter	This script is (C) 2004-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/12047
title	Oracle Database 9i Multiple Functions Local Overflow

Summary

Vulnerable Configurations

Nessus

References