Vulnerability Alert

Oracle Database Server JAVA_ADMIN Remote Privilege Escalation Vulnerability

Threat Type: CWE-264: Permissions, Privileges, and Access Control
IntelliShield ID: 19244
Version: 1
First Published: 2009 October 22 17:32 GMT
Last Published: 2009 October 22 17:32 GMT
Port: Not available
Urgency: Unlikely Use
Credibility: Highly Credible
Severity: Moderate Damage
CVSS Base: 6.0
CVSS Version: 2.0
CVSS Temporal: 5.1
 
Version Summary:

Oracle Database Server contains a vulnerability that could allow an authenticated, remote attacker to execute arbitrary commands with the privileges of the database user. Updates are not available.

 
 
Description

Oracle Database Server contains a vulnerability that could allow an authenticated, remote attacker to execute arbitrary commands with the privileges of the database user. 

The vulnerability is due to a security weakness in the JAVA_ADMIN role. An attacker with the JAVA_ADMIN role and privileges to create procedures could exploit the vulnerability to run arbitrary commands on the underlying operating system with the privileges of the database server. Code execution could allow the attacker to escalate privileges to those of OSDBA.

Functional exploit code is publicly available.

Oracle has not confirmed this vulnerability and updated software is not available.

 
Warning Indicators

Oracle Database Server version 10.2.0.3 is vulnerable. Other versions may also be affected.

 
IntelliShield Analysis

The JAVA_ADMIN role may appear to be a low-privileged account but, when combined with the privilege to create procedures, it can be used to create script files and run them on the underlying operating system. Any such code execution would take place with the privileges of the database server process and could result in a full compromise of the affected database.

 
Vendor Announcements

Vendor announcements are not available.

 
Impact

An authenticated, remote attacker with the JAVA_ADMIN role could execute arbitrary commands on the underlying operating system with the privileges of the database server. This action could allow the attacker to escalate privileges to OSDBA.

 
Technical Information

The vulnerability exists because the JAVA_ADMIN role combined with the privilege to create procedures can allow an attacker to create script files on the underlying operating system and gain the privileges to execute the files. 

An authenticated, remote attacker could run a command to change the OSDBA password to a known value. This action could allow privilege escalation to OSDBA.

 
Safeguards

Administrators are advised to contact the vendor regarding future updates and releases.

Administrators are advised to grant JAVA_ADMIN privileges only to trusted users.

Administrators are advised to monitor affected systems for signs of suspicious activities.
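The second safeguard is only actionable if you know which accounts actually hold the dangerous combination. The following audit query is an added example (it is not part of the IntelliShield alert) for a DBA session on Oracle 10g or later; it relies only on the standard dictionary views DBA_ROLE_PRIVS, DBA_SYS_PRIVS and DBA_USERS, and lists every user that reaches JAVA_ADMIN and a procedure-creation privilege through any chain of nested roles, including grants made to PUBLIC.

```sql
-- Added audit query (not from the alert): which users hold JAVA_ADMIN
-- together with the ability to create procedures, directly or via roles.
-- Uses CONNECT BY so it also runs on the 10.2 release named in the alert.
WITH java_admin_holders AS (
  -- every user or role that can reach JAVA_ADMIN through the role graph
  SELECT DISTINCT grantee
  FROM   dba_role_privs
  START WITH granted_role = 'JAVA_ADMIN'
  CONNECT BY NOCYCLE PRIOR grantee = granted_role
),
proc_creators AS (
  -- direct grantees of a procedure-creation system privilege ...
  SELECT grantee
  FROM   dba_sys_privs
  WHERE  privilege IN ('CREATE PROCEDURE', 'CREATE ANY PROCEDURE')
  UNION
  -- ... plus every user or role that inherits one through nested roles
  SELECT rp.grantee
  FROM   dba_role_privs rp
  START WITH rp.granted_role IN (
           SELECT grantee
           FROM   dba_sys_privs
           WHERE  privilege IN ('CREATE PROCEDURE', 'CREATE ANY PROCEDURE'))
  CONNECT BY NOCYCLE PRIOR rp.grantee = rp.granted_role
)
SELECT DISTINCT u.username, u.account_status
FROM   dba_users u
-- a grant to PUBLIC applies to every account, so treat it as a match
JOIN   java_admin_holders j ON j.grantee IN (u.username, 'PUBLIC')
JOIN   proc_creators      p ON p.grantee IN (u.username, 'PUBLIC')
ORDER BY u.username;
```

Any account returned that is not a known, trusted administrator is a candidate for having JAVA_ADMIN revoked; roles that are granted but not enabled by default still appear, because the user can enable them with SET ROLE.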

 
Patches/Software

Patches and software updates are not available.

 
Alert History

Initial Release



Product Sets

The security vulnerability applies to the following combinations of products.

Primary Products:
Oracle Corporation: Oracle Database Server 10g 10.2.0.3

Associated Products:
N/A




Alerts and bulletins on the Cisco Security Intelligence Operations Portal are highlighted by analysts in the Cisco Threat Operations Center and represent a subset of the comprehensive content that is available through Cisco Security IntelliShield Alert Manager Service. This customizable threat and vulnerability alert service provides security staff with access to timely, accurate, and credible information about threats and vulnerabilities that may affect their environment.


LEGAL DISCLAIMER
The urgency and severity ratings of this alert are not tailored to individual users; users may value alerts differently based upon their network configurations and circumstances. THE ALERT, AND INFORMATION CONTAINED THEREIN, ARE PROVIDED ON AN "AS IS" BASIS AND DO NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE ALERT, AND INFORMATION CONTAINED THEREIN, OR MATERIALS LINKED FROM THE ALERT, IS AT YOUR OWN RISK. INFORMATION IN THIS ALERT AND ANY RELATED COMMUNICATIONS IS BASED ON OUR KNOWLEDGE AT THE TIME OF PUBLICATION AND IS SUBJECT TO CHANGE WITHOUT NOTICE. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE ALERTS AT ANY TIME.